search

mozilla / ssl-config-generator

Mozilla SSL Configuration Generator
https://ssl-config.mozilla.org/
Mozilla Public License 2.0
358 stars 59 forks source link

Nginx ssl_session_tickets with modern on v5 #69

Open bungle opened 4 years ago

bungle commented 4 years ago

As modern is now only TLSv1.3 perhaps it doesn't make a sense for that to even specify:

ssl_session_tickets off;

As that is not used with TLSv1.3.

Yes, I know it is part of generic section, so please close if not considered with any importance.

tomato42 commented 4 years ago

is pure-psk session resumption disabled? I think clients still can use it, it just defaults to dhe_psk resumption, doesn't it?

april commented 4 years ago

If we could get an nginx developer to chime in, that would be great. I'm a little worried about making the change without truly understanding what knobs that turns.

makhomed commented 3 years ago

If we could get an nginx developer to chime in, that would be great. I'm a little worried about making the change without truly understanding what knobs that turns.

@april, you can ask nginx developers about this and any other questions in the nginx@nginx.org mail list.

More details about this English mail list: http://nginx.org/en/support.html

nginx developers are Maxim Dounin, and any other people, why wrote from email something(at)nginx.com

HLFH commented 1 year ago

There are some changes with ssl_session_tickets since nginx 1.23.2: https://nginx.org/en/CHANGES

LeviPesin commented 1 year ago

Isn't this a duplicate of https://github.com/mozilla/server-side-tls/issues/282?