Why do you recommend disable ssl_session_tickets in NGINX? #135
The problem is not that they are insecure, or that they can't be made secure. The problem is that the way they are commonly implemented means that you don't provide forward secrecy if you use them - all encryption keys are ultimately encrypted with just one encryption key - the session ticket key.
See here for a more in-depth explanation: https://www.imperialviolet.org/2013/06/27/botchingpfs.html
This was referenced
Jul 21, 2016
The Apache docs are very clear about it:
E.g. on Debian-based systems daily logrotate reloads Apache. I hope a reload is enough.
This is what I think.
This prints the TLS session ticket:
openssl s_client -purpose "sslserver" -verify_return_error \
    -connect www.egeszseges-ivoviz.hu:443 -servername www.egeszseges-ivoviz.hu \
    < /dev/null 2> /dev/null | sed '/TLS session ticket:/,/^$/!d'
If I run it continuously the first 16 bytes don't change, only the rest.
Am I right?
From what I can see in the OpenSSL sources, the first 16 bytes of the ticket are the "name" of the key (essentially random data), so it changing does suggest the encryption key is changing too, but without looking into the Apache sources I can't tell for sure.
Maybe you could find the bug in the issue tracker that references it; then we would know in which version they fixed the reload behaviour.
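
One way to automate the comparison discussed in this thread, as an added example that is not part of anyone's comment: it pulls the first 16 bytes of the ticket (the key name, going by the description of the OpenSSL sources above) out of saved `openssl s_client` output and reports whether two captures were issued under the same ticket key. The function names and the sample captures are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). The sample captures below are constructed.

# Read `openssl s_client` output on stdin and print the first 16 bytes of the
# session ticket (the key name, per the thread) as one hex string.
ticket_key_name() {
    awk '
        /TLS session ticket:/ { in_ticket = 1; next }
        in_ticket && /^ *0000 - / {
            line = $0
            sub(/^ *0000 - /, "", line)   # drop the offset column
            line = substr(line, 1, 47)    # 16 bytes: 32 hex digits + 15 separators
            gsub(/[- ]/, "", line)        # drop the space and "-" separators
            print line
            exit
        }
    '
}

# Succeed only when both captures contain a ticket and the key names match,
# i.e. the server protected both tickets with the same ticket key.
same_ticket_key() {
    a=$(printf '%s\n' "$1" | ticket_key_name)
    b=$(printf '%s\n' "$2" | ticket_key_name)
    [ -n "$a" ] && [ "$a" = "$b" ]
}

# Constructed captures: BEFORE and AGAIN share a key name, AFTER does not.
BEFORE='    TLS session ticket lifetime hint: 300 (seconds)
    TLS session ticket:
    0000 - 4b 9e 02 c7 51 aa 3d 10-8f 66 e2 0b 7c d4 19 a5   K...Q.=..f..|...
    0010 - 11 22 33 44 55 66 77 88-99 aa bb cc dd ee ff 00   ."3DUfw.........'
AGAIN='    TLS session ticket:
    0000 - 4b 9e 02 c7 51 aa 3d 10-8f 66 e2 0b 7c d4 19 a5   K...Q.=..f..|...
    0010 - a0 a1 a2 a3 a4 a5 a6 a7-a8 a9 b0 b1 b2 b3 b4 b5   ................'
AFTER='    TLS session ticket:
    0000 - d2 07 6c 93 e8 41 5f bb-30 c6 7a 1e 94 0d f2 58   ..l..A_.0.z....X
    0010 - c0 c1 c2 c3 c4 c5 c6 c7-c8 c9 d0 d1 d2 d3 d4 d5   ................'

if same_ticket_key "$BEFORE" "$AGAIN"; then
    echo "BEFORE/AGAIN: same ticket key still in use"
fi
if ! same_ticket_key "$BEFORE" "$AFTER"; then
    echo "BEFORE/AFTER: key name differs, ticket key was replaced"
fi
```

To use it against a real server, save the output of the `openssl s_client` command from the thread before and after a reload and pass the two captures to `same_ticket_key`.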