Unbound 1.9.0 released - TLS session resumption support and configuration
nusenu-lists at riseup.net
Sun Mar 24 14:01:00 UTC 2019
Wouter Wijngaards via Unbound-users:
> There is also TLS session resumption support, that can be enabled with
> the tls-session-ticket-keys option.
According to a scan of a unbound DoT endpoint running 1.9.1
unbound enables TLS session resumption based on
- Session ID
- Session Tickets
by default, without specifying tls-session-ticket-keys.
from the man page:
> tls-session-ticket-keys: <file>
> If not "", [...]
unbound will not start when setting:
error: could not read tls-session-ticket-key : No such file or directory
- What key is used to encrypt session tickets if tls-session-ticket-keys is not set?
- How can I disable TLS session resumption based on session tickets?
- What is the default timeout for session resumption based on session IDs?
- How can I configure that timeout?
- How can I disable TLS session resumption based on session IDs?
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: OpenPGP digital signature
More information about the Unbound-users