TLS 1.3 session reuse (resumption) does not work (OpenSSL) #3202
I did this
I have tested SSL/TLS session reuse with TLS 1.3 and "openssl s_server".
With TLS 1.3, curl creates two SSL sessions:
With TLS 1.2, curl reuses the SSL session (as expected):
I expected the following
SSL/TLS session reuse works with TLS 1.3
OpenSSL Wiki: TLS 1.3 - Sessions
curl should use the SSL_CTX_sess_set_new_cb function to set a "new session" callback.
Probably other SSL backends are also affected.
referenced this issue
Nov 14, 2018
TLS 1.3 uses a new session resume mechanism, it's similar to the (old) session tickets, but it's not the same.