On Wednesday, 10 April 2019 12:05:21 CEST Jeremy Harris wrote: > On 10/04/2019 01:25, Viktor Dukhovni wrote: > > With TLS 1.0, 1.1 and 1.2, the the (always new IIRC) session object > > associated with the connection object at the completion of each > > handshake, will contain any fresh tickets issued by the server. > > That does not match my observation. that assumes that the server sends tickets in the first place... but the point stands, the TLS 1.2 server cannot provide a session ticket to the client after the handshake finished (client received server's Finished message), same for even older protocols -- Regards, Hubert Kario Senior Quality Engineer, QE BaseOS Security team Web: www.cz.redhat.com Red Hat Czech s.r.o., Purkyňova 115, 612 00 Brno, Czech Republic
Attachment:
signature.asc
Description: This is a digitally signed message part.
