From 43e2db44c657b07340368eae5dd05e51eab829fb Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Thu, 2 May 2019 21:01:43 +0100 Subject: TLS: library version build-time checks for resumption support --- doc/doc-txt/experimental-spec.txt | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'doc') diff --git a/doc/doc-txt/experimental-spec.txt b/doc/doc-txt/experimental-spec.txt index a2861c4a9..feecb3375 100644 --- a/doc/doc-txt/experimental-spec.txt +++ b/doc/doc-txt/experimental-spec.txt @@ -953,9 +953,10 @@ Transport configurations should be checked for this. An example avoidance: TLS Session Resumption ---------------------- -TLS Session Resumption for TLS 1.2 and TLS1.3 connections can be used (defined +TLS Session Resumption for TLS 1.2 and TLS 1.3 connections can be used (defined in RFC 5077 for 1.2). The support for this can be included by building with -EXPERIMENTAL_TLS_RESUME defined. +EXPERIMENTAL_TLS_RESUME defined. This requires GnuTLS 3.6.3 or OpenSSL 1.1.1 +(or later). Session resumption (this is the "stateless" variant) involves the server sending a "session ticket" to the client on one connection, which can be stored by the -- cgit v1.2.3