opinions about Session tickets

A. Schulze sca at andreasschulze.de
Mon Apr 11 15:17:07 UTC 2016

Maxim Dounin:

> In nginx 1.5.9 the "ssl_session_tickets" directive was added,
> which makes it possible to disable session tickets when needed.

I found these two opinions. They suggest to disable session tickets.

  - https://www.farsightsecurity.com/Blog/20151202-thall-hardening-dh-and-ecc/

what do others think about that?

More information about the nginx mailing list