Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Tls session, keep only expiry date #15861

Closed
wants to merge 3 commits into from

Conversation

icing
Copy link
Contributor

@icing icing commented Dec 30, 2024

Instead of "time received" and "lifetime seconds", keep only the expiry date for TLS session tickets.

Rationale:

  • We do not want to export the received time, since that allows easier tracking of when connections have been made.
  • We do not want to export the lifetime, since that allows easier identification of (anonymised) session tickets from a particular server. Server will have different lifetimes in their configuration and persisting that time would allow identifying tickets from, say, facebook vs. wikipedia or furries.com.

Of course, once the host for an entry is found out (maybe by brute forcing), the connection time could still be calculated from the lifetime that host is configured with. But there is no helping that.

Instead of receive and lifetime, keep only the eppch
seconds when a session expires.
@github-actions github-actions bot added the tests label Dec 30, 2024
@icing icing added the TLS label Dec 30, 2024
@bagder bagder closed this in 8a66c11 Dec 30, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Development

Successfully merging this pull request may close these issues.

2 participants