Loading...

XML

Word

Printable

Type: Enhancement
Resolution: Fixed
Priority: P3
Fix Version/s: 13
Affects Version/s: None
Component/s: security-libs
Labels:
- release-note=yes

Subcomponent:
javax.net.ssl
Resolved In Build:
b25

Issue	Fix Version	Assignee	Priority	Status	Resolution	Resolved In Build
JDK-8226086	14	Anthony Scarpino	P3	Resolved	Fixed	team

The server stateless session resumption specification is defined in RFC 5077 for TLS 1.2 and before, by making use of the SessionTicket extension. This extension has been widely supported by the major TLS vendors, like OpenSSL, GnuTLS, NSS, and Microsoft, and browsers like Firefox and Google Chrome.

TLS 1.3 RFC includes new stateless resumption

Session cache management is becoming a performance and scalability bottleneck.

backported by

JDK-8226086 Session Resumption without Server-Side State

Resolved

causes

JDK-8355637 SSLSessionImpl's "serialization" list documentation is incorrectly ordered

Resolved

csr for

JDK-8223922 Session Resumption without Server-Side State

Closed

duplicates

JDK-8134497 Add TLS support for RFC 5077 Session Ticket

Closed

JDK-8211017 Support TLS 1.3 session resumption without server-side state

Closed

relates to

JDK-8280158 New test from JDK-8274736 failed with/without patch in JDK11u

Resolved

JDK-8298381 Improve handling of session tickets for multiple SSLContexts

Closed

JDK-8236624 Document the jdk.tls.client.enableSessionTicketExtension, jdk.tls.server.enableSessionTicketExtension and jdk.tls.server.sessionTicketTimeout system properties

Resolved

JDK-8226244 Load balance requests across servers

Closed

JDK-8350830 Values converted incorrectly when reading TLS session tickets

Open

JDK-8215933 TLS Session Resumption loses track of SSLSession values

Open

JDK-8228396 Re-enable Stateless Resumption On by default for merge to mainline

Resolved

JDK-8225678 sun/security/pkcs11/tls/tls12/FipsModeTLS12.java fails due to SSLProtocolException

Closed

JDK-8227551 Session Resumption without Server-Side State off by default

Closed

JDK-8226649 NullPointerException (boundValues) in SSLSessionImpl methods since JDK-8211018

Closed

JDK-8229148 SSLSession.invalidate() should not be implicitly required

Closed

JDK-8229149 SSLSession.getId() always returns the TLS record session id

Closed

JDK-8277307 Pre shared key sent under both session_ticket and pre_shared_key extensions

Closed

JDK-8227530 Session Resumption without Server-Side State off by default

Closed

(14 relates to)

Release Note: Session Resumption without Server-Side State in JSSE

Closed

Anthony Scarpino

Assignee:: Anthony Scarpino

Reporter:: Xuelei Fan

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2018-09-21 10:38

Updated:: 2025-04-25 21:43

Resolved:: 2019-06-11 16:32

Details

Backports

Description

Attachments

Issue Links

Sub-Tasks

Activity

People

Dates