Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jetty-users] Enabling session resumption

Thank you Simone,

I was aware of their less than up to date support for TLS1.3 which they only recently stopped calling "experimental". It is quite disappointing that their results are incorrect about this. We have been the subject of quite some pen testing where ssltest is part of the analysis and their results are taken as gospel. I will have to look into ways of providing alternative evidence.

On 9/20/19 4:19 PM, Simone Bordet wrote:

On Fri, Sep 20, 2019 at 2:31 PM Silvio Bierman
<sbierman@xxxxxxxxxxxxxxxxxx> wrote:
Hello all,

I run an embedded Jetty 9.4.20.v20190813 and would like to get TLS
session resumption working. I currently only support TLS 1.2/1.3 protocols.

Qualys SSL-test now says:

Session resumption (caching):    No (IDs assigned but not accepted)
Session resumption (tickets):    No

I tried sslContextFactory.setSessionCachingEnabled(true) but appearantly
that is not sufficient. Can anyone enlighten me on this subject?
I would not trust ssltest too much about this. For example it took
ages to ssllabs to say that sites were supporting TLS 1.3 (they said
no, but the sites were working *only* on TLS 1.3).

I believe that session resumption works fine, we have tests in Jetty etc.

Back to the top