crypto/tls: avoid linkability across sessions by not reusing session tickets #60505
Labels
NeedsInvestigation
Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Milestone
What version of Go are you using (
go version
)?What operating system and processor architecture are you using (
go env
)?go env
OutputDoes this issue reproduce with the latest release?
Yes
What did you do?
I resumed multiple TLS session to the same server (without saving the session ticket issued on the first resumed connection).
What did you expect to see?
I expected the ticket to not be reused. RFC 8446 Appendix C.4 says:
While it's just a SHOULD NOT and not a MUST NOT, is there any good reason to deviate from the advice given in the RFC?
What did you see instead?
Session tickets are only removed when the handshake fails or when either the server certificate or the session ticket has expired.
The text was updated successfully, but these errors were encountered: