Stateless session resumption for TLS 1.3 with enableSessionTicketExtension?
raell at web.de
raell at web.de
Tue Dec 17 12:53:51 UTC 2019
Hi Tony,
thank you for the clarification.
Btw: If I'm not mistaken, the new System properties for stateless session resumption are not included in the documentation https://docs.oracle.com/en/java/javase/13/security/java-secure-socket-extension-jsse-reference-guide.html#GUID-93DEEE16-0B70-40E5-BBE7-55C3FD432345 (Table 8-3) so far. If they should be added there at a later time, maybe, your clarification for TLS 1.3 could be incorporated there?
Regards,
Ralph
On 12/16/2019 3:20 PM, Anthony Scarpino wrote:
>> Dear all,
>>
>>
>> in Java 13 the new System properties jdk.tls.client.enableSessionTicketExtension and jdk.tls.server.enableSessionTicketExtension were introduced. In TLS 1.2 and prior these properties support stateful session resumption according to RFC 5077.
>>
>> In TLS 1.3, however, there is no SessionTicketExtension and it isn't clear from the description [1] what impact jdk.tls.server.enableSessionTicketExtension has in case of a TLS 1.3 connection.
>>
>> Question 1: Does a Java server perform on a TLS 1.3 connection a stateless resp. stateful session resumption, if
>> jdk.tls.server.enableSessionTicketExtension is set to true resp. false?
>Yes
>>
>> Question 2: Does the content of the NewSessionTicket message in TLS 1.3 depend on the value of jdk.tls.server.enableSessionTicketExtension?
>Yes
>Tony
More information about the security-dev
mailing list