cryptcheck icon indicating copy to clipboard operation
cryptcheck copied to clipboard

Published 20 hours ago verified publisher icon aeris

Forward Secrecy lost when TLS session tickets activated

Open tdelmas opened this issue 9 years ago • 1 comments

According to https://wiki.mozilla.org/Security/Server_Side_TLS#TLS_tickets_.28RFC_5077.29 and https://media.blackhat.com/us-13/US-13-Daigniere-TLS-Secrets-Slides.pdf , when TLS session tickets are activated, we lose Forward Secrecy.

So I think the report should emphasis that.

tdelmas avatar Jul 20 '16 20:07 tdelmas

Another source: https://github.com/mozilla/server-side-tls/issues/135

/cc @gene1wood @tomato42

rugk avatar Jul 21 '16 14:07 rugk