Details
-
Enhancement
-
Resolution: Duplicate
-
P3
-
8u51
-
x86
-
linux
Description
A DESCRIPTION OF THE REQUEST :
Currently it is not possible to speed up SSL handshake negotiations using the TLS session ticket extension.
http://tools.ietf.org/html/rfc5077
There is no way of controlling the handshake to implement this manually or requesting session tickets be used as a client or server.
JUSTIFICATION :
Huge speed improvements and reduced CPU usage.
https://blog.cloudflare.com/tls-session-resumption-full-speed-and-secure/
Any application that handles multiple connections will see a large performance improvement as the most expensive part of the handshake is skipped.
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
Allow SSLSocket objects to have the ability to implement session tickets or allow access to add TLS extensions to the handshake.
ACTUAL -
Its impossible to implement session tickets with the current library.
CUSTOMER SUBMITTED WORKAROUND :
Opening sockets with OpenSSL instead of using the java ssl library.
Currently it is not possible to speed up SSL handshake negotiations using the TLS session ticket extension.
http://tools.ietf.org/html/rfc5077
There is no way of controlling the handshake to implement this manually or requesting session tickets be used as a client or server.
JUSTIFICATION :
Huge speed improvements and reduced CPU usage.
https://blog.cloudflare.com/tls-session-resumption-full-speed-and-secure/
Any application that handles multiple connections will see a large performance improvement as the most expensive part of the handshake is skipped.
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
Allow SSLSocket objects to have the ability to implement session tickets or allow access to add TLS extensions to the handshake.
ACTUAL -
Its impossible to implement session tickets with the current library.
CUSTOMER SUBMITTED WORKAROUND :
Opening sockets with OpenSSL instead of using the java ssl library.
Attachments
Issue Links
- duplicates
-
JDK-8211018 Session Resumption without Server-Side State
- Resolved
- relates to
-
JDK-8190697 Provide a API to disable SSL session resumption per Application
- Closed