- Enhancement
- Resolution: Fixed
- P3
- None
1. https://docs.oracle.com/en/java/javase/15/security/java-secure-socket-extension-jsse-reference-guide.html#GUID-64D7EAF6-D2EE-4719-8616-25E2829CF810
"This feature [Resuming Session Without Server-Side State] is not enabled by default."
2. The following is unclear: "However, the contents of stateless tickets, in particular, the contents of a NewSessionTicket message, depend on the value of jdk.tls.server.enableSessionTicketExtension."
=====
Here's a summary of the discussion around this issue:
1. This has been fixed in the JDK 16 docs:
https://docs.oracle.com/en/java/javase/16/security/java-secure-socket-extension-jsse-reference-guide.html#GUID-64D7EAF6-D2EE-4719-8616-25E2829CF810
2. In TLS 1.3, if stateless session resumption is in use (that is, the system property jdk.tls.server.enableSessionTicketExtension is true), then the NewSessionTicket message includes all session information (in encrypted format).
If session resumption is stateful (that is, jdk.tls.server.enableSessionTicketExtension is false), then the NewSessionTicket message just contains a key that is used by the server during session resumption in order to access the session information from its session cache.
In TLS 1.3, you can configure the resumption mode (set it to either stateful or stateless) with the system property jdk.tls.server.enableSessionTicketExtension. However, in JDK 14 and later, there's usually no need to change the default resumption mode, which is stateless.
A note should be added to the description of jdk.tls.server.enableSessionTicketExtension:
Note: In TLS 1.2, stateless session tickets will be used only if they are supported by the client.
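To see the two TLS 1.3 resumption modes from the summary above in practice, here is an added example; it is not code from the JBS issue or from the JSSE docs. A single JVM runs a TLS 1.3 server and a client, the client connects twice, and the program reports whether the second handshake resumed the first. The keystore name server.p12, the alias, the password and the keytool command in the comment are assumptions. Run it once with -Djdk.tls.server.enableSessionTicketExtension=true and once with =false; add -Djavax.net.debug=ssl:handshake to inspect the NewSessionTicket message, which is where the two modes differ. Set the property on the command line rather than in code: JSSE reads it once when it initializes.

```java
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManagerFactory;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.UncheckedIOException;
import java.security.KeyStore;

public class ResumptionDemo {
    // Assumed, not from the issue: a PKCS12 keystore holding one self-signed key pair, e.g.
    //   keytool -genkeypair -alias server -keyalg EC -dname CN=localhost \
    //           -keystore server.p12 -storepass changeit
    static final String KEYSTORE = "server.p12";
    static final char[] PASSWORD = "changeit".toCharArray();

    // A TLS 1.3-only context; the same keystore doubles as the client's trust store.
    static SSLContext newContext() throws Exception {
        KeyStore ks = KeyStore.getInstance("PKCS12");
        try (InputStream in = new FileInputStream(KEYSTORE)) {
            ks.load(in, PASSWORD);
        }
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(ks, PASSWORD);
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ks);
        SSLContext ctx = SSLContext.getInstance("TLSv1.3");
        ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
        return ctx;
    }

    public static void main(String[] args) throws Exception {
        System.out.println("jdk.tls.server.enableSessionTicketExtension="
                + System.getProperty("jdk.tls.server.enableSessionTicketExtension", "(default)"));

        SSLServerSocket listener =
                (SSLServerSocket) newContext().getServerSocketFactory().createServerSocket(0);
        Thread server = new Thread(() -> {
            try {
                for (int i = 0; i < 2; i++) {
                    try (SSLSocket s = (SSLSocket) listener.accept()) {
                        // The first write drives the handshake; in TLS 1.3 the server sends
                        // NewSessionTicket right after processing the client's Finished.
                        s.getOutputStream().write('k');
                        s.getInputStream().read();
                    }
                }
            } catch (IOException e) {
                throw new UncheckedIOException(e);
            }
        });
        server.start();

        SSLContext clientCtx = newContext();   // one client context, hence one client session cache
        long[] created = new long[2];
        for (int i = 0; i < 2; i++) {
            try (SSLSocket c = (SSLSocket) clientCtx.getSocketFactory()
                    .createSocket("localhost", listener.getLocalPort())) {
                c.startHandshake();
                // Reading application data also consumes the post-handshake NewSessionTicket;
                // without this read the client has nothing to offer as a PSK next time.
                c.getInputStream().read();
                SSLSession session = c.getSession();
                created[i] = session.getCreationTime();
                System.out.printf("connection %d: %s %s created=%d%n", i,
                        session.getProtocol(), session.getCipherSuite(), created[i]);
                c.getOutputStream().write('q');
            }
            Thread.sleep(50);   // keep two full-handshake timestamps from colliding
        }
        server.join();
        listener.close();

        // A resumed session keeps the creation time of the session it was derived from;
        // a fresh full handshake gets a new one.
        System.out.println(created[0] == created[1]
                ? "second connection resumed the first"
                : "second connection did a full handshake");
    }
}
```

Both settings should report a resumption, because the server either finds the session in its cache (stateful, property false) or decrypts it out of the ticket the client returns (stateless, property true). The observable difference is in the debug trace: the stateless NewSessionTicket carries the whole encrypted session, the stateful one only a lookup key. If the second connection does a full handshake instead, the usual cause is that the client never read after its first handshake and so never received the ticket.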