Summary

Support stateless session resumption (RFC 5077 and RFC 8446) in the JDK TLS implementation.

Problem

Currently, in the JDK TLS implementation, the server caches the session resumption data for each clients. The cache could hurt the performance in various aspects: memory, garbage collection, synchronization and load balance.

Solution:

For TLS 1.2 and prior versions, RFC 5077 defines a TLS extension, SessionTicket, for session resumption without server side state. Support for this TLS extension will be added to the SunJSSE provider.

For TLS 1.3, RFC 8446 defines a mechanism for stateless session resumption. This mechanism will be implemented in the SunJSSE provider.

Specification:

Support the SessionTicket extension for TLS 1.2 and prior versions, and the stateless session resumption for TLS 1.3. There are no public APIs changes. Almost all of changes are contained within the JDK internal SunJSSE provider code.

The following two System properties will be added, just in case of any compatibility issues if a peer cannot handle the SessionTicket extension properly, or applications don't want the extension:

jdk.tls.client.enableSessionTicketExtension is used on the TLS 1.2 and prior versions client side to toggle the Session Ticket Extension on the ClientHello message. Property value: "true" sends the extension (default value), "false" does not.

jdk.tls.server.enableSessionTicketExtension enables a TLS 1.2 and prior versions server to use stateless session tickets if the client supports it. Client's that do not support stateless session tickets will use the cache. Property value: "true" enables stateless (default value), "false" does not.

For TLS 1.3, stateless tickets use the existing PSK resumption extension in (RFC 8446), which require no properties or settings.