You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
TLS 1.3 allows for the NewSessionTicket message to be sent at any time after the handshake.
OpenSSL offers an SSL_SESSION_set1_ticket_appdata() API to let the application include data in that session ticket, and the normal course of execution of a program might cause the application to wish to update the data included in the session ticket used by the client. In order to do so, the application would need a way to cause libssl to generate a NewSessionTicket message on demand; libssl currently only emits (SSL_set_num_tickets()) tickets immediately after a handshake completes, and never after that. An SSL_write_ticket() API was proposed in #7948 as one of many potential routes towards solving that problem, but it may have utility in other scenarios as well.
This issue is for discussion of whether we would want to support this general class of functionality, and if so, what the appropriate API contract would be. I haven't started to write any code since this would necessarily interact with the handshake state machine, which always requires some delicateness. Probably we would need to generalize the mechanism we use to re-enter handshake mode for update-requested KeyUpdate scenarios in order to handle the requesut to send NewSessionTicket as well, but that's just from memory and not based on any experimentation.
The text was updated successfully, but these errors were encountered:
TLS 1.3 allows for the NewSessionTicket message to be sent at any time after the handshake.
OpenSSL offers an SSL_SESSION_set1_ticket_appdata() API to let the application include data in that session ticket, and the normal course of execution of a program might cause the application to wish to update the data included in the session ticket used by the client. In order to do so, the application would need a way to cause libssl to generate a NewSessionTicket message on demand; libssl currently only emits (SSL_set_num_tickets()) tickets immediately after a handshake completes, and never after that. An SSL_write_ticket() API was proposed in #7948 as one of many potential routes towards solving that problem, but it may have utility in other scenarios as well.
This issue is for discussion of whether we would want to support this general class of functionality, and if so, what the appropriate API contract would be. I haven't started to write any code since this would necessarily interact with the handshake state machine, which always requires some delicateness. Probably we would need to generalize the mechanism we use to re-enter handshake mode for update-requested KeyUpdate scenarios in order to handle the requesut to send NewSessionTicket as well, but that's just from memory and not based on any experimentation.
The text was updated successfully, but these errors were encountered: