TLS Session tickets and PFS

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 
The Recommended Mozilla SSL configuration has TLS session tickets disabled, see https://ssl-config.mozilla.org/#server=apache&server-version=2.4.39&config=intermediate 


The docu says:
TLS session tickets are enabled by default. Using them without restarting the web server with an appropriate frequency (e.g. daily) compromises perfect forward secrecy. 


Is it still valid that it compromises PFS ?

My advise should be in general to disable it.


Steffen
At Certbot there is also a discussion https://github.com/certbot/certbot/issues/6901 



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux