TLS: increase resumption ticket lifetime to 2 hours

author: Jeremy Harris <jgh146exb@wizmail.org> 2019-05-06 13:34:18 +0100
committer: Jeremy Harris <jgh146exb@wizmail.org> 2019-05-07 22:45:51 +0100
commit: dea4b5684c694c41105215bdb25f8e91b7c35c5d (patch)
tree: 019d1c6b5a12995978c183124820b07adc83c604 /doc/doc-txt/experimental-spec.txt
parent: 4f1d23a1aa7aafc5a47988d80dde87c67ec8e1fc (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/doc/doc-txt/experimental-spec.txt b/doc/doc-txt/experimental-spec.txt
index f304cf455..0f749c6cf 100644
--- a/doc/doc-txt/experimental-spec.txt
+++ b/doc/doc-txt/experimental-spec.txt
@@ -984,7 +984,10 @@ Security aspects:
  vulnarability surface.  An attacker able to decrypt it would have access
  all connections using the resumed session.
  The session ticket encryption key is not committed to storage by the server
- and is rotated regularly.  Tickets have limited lifetime.
+ and is rotated regularly (OpenSSL: 1hr, and one previous key is used for
+ overlap; GnuTLS 6hr but does not specify any overlap).
+ Tickets have limited lifetime (2hr, and new ones issued after 1hr under
+ OpenSSL.  GnuTLS 2hr, appears to not do overlap).
 
  There is a question-mark over the security of the Diffie-Helman parameters
  used for session negotiation. TBD.  q-value; cf bug 1895
author	Jeremy Harris <jgh146exb@wizmail.org>	2019-05-06 13:34:18 +0100
committer	Jeremy Harris <jgh146exb@wizmail.org>	2019-05-07 22:45:51 +0100
commit	dea4b5684c694c41105215bdb25f8e91b7c35c5d (patch)
tree	019d1c6b5a12995978c183124820b07adc83c604 /doc/doc-txt/experimental-spec.txt
parent	4f1d23a1aa7aafc5a47988d80dde87c67ec8e1fc (diff)