[gnutls-devel] GnuTLS | resumption: keep persistent session identifiers (!721)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Mon Aug 6 17:03:09 CEST 2018
Hubert Kario started a new discussion on lib/session.c:
> - * resumed. That is because resumed sessions share the same session ID
> - * with the original session.
> - *
> - * The session ID is selected by the server, that identify the
> - * current session. In all supported TLS protocols, the session id
> - * is less than %GNUTLS_MAX_SESSION_ID_SIZE.
> - *
> - * The TLS session ID cannot be relied for uniquely identifying sessions.
> - * It should not be used by new applications, nor be assumed
> - * that it will remain the same on resumption. The session ID changes
> - * even on resumed sessions under session tickets, and has no defined meaning
> - * under TLS 1.3.
> + * Returns the TLS session identifier. The session ID is selected by the
> + * server, and in older versions of TLS was a unique identifier shared
> + * between client and server which was persistent across resumption.
> + * In the latest version of TLS (1.3) or TLS 1.2 with session tickets, the
technically speaking, session tickets are not limited to TLS 1.2
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/721#note_92747175
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnutls-devel