JDK-8333581

Multiple NewSessionTicket support for TLS


    • Compatibility Kind: behavioral
    • Compatibility Risk: minimal
    • Compatibility Risk Description: There should be no compatibility risk.
    • Interface Kind: System or security property
    • Scope: JDK

      Summary

      Improve TLS 1.3 session resumption by allowing a TLS server to send more than one resumption ticket per connection.

      Problem

      Resumption is a fast way to establish a new connection from an existing TLS session, avoiding the cost of a full TLS handshake. In TLS 1.2 and below, clients can repeatedly resume a session by using the session ID from an established connection. In TLS 1.3, a one-time "resumption ticket" is sent by the server after the TLS connection has been established. The server may send multiple resumption tickets to help clients that rapidly resume connections. If the client does not have another resumption ticket, it must go through the full TLS handshake again.

      The number of resumption tickets should be configurable by the application developer or administrator. RFC 8446 allows multiple tickets but does not specify a default value. Since TLS 1.3 was implemented in the JDK, one resumption ticket is sent per handshake.

      TLS 1.2 only supports one resumption ticket according to RFC 5077 and must be handled slightly differently.

      Solution

      Creating a system property called jdk.tls.server.newSessionTicketCount allows the user to change the number of resumption tickets sent by the server. If this property is not set or is given an invalid value, the default value of 1 is used. Valid property values are between 0 and 10. Because of the RFC 5077 differences noted above, TLS 1.2 will always send one resumption ticket unless the property is set to zero.

      Configuring the TLS server to send more than one resumption ticket is a small part of a larger change which allows TLS clients to store more than one resumption ticket.
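As an added illustration (not the JDK's own SSLConfiguration code), the following Java class models the property semantics this CSR describes: unset or invalid values fall back to 1, valid values run from 0 to 10, and TLS 1.2 sends at most one ticket (none when the property is 0). The class and method names are assumptions of this example.

```java
// Added example modelling the documented behaviour of
// jdk.tls.server.newSessionTicketCount; this is NOT the JDK's implementation.
public final class TicketCountPolicy {
    static final String PROPERTY = "jdk.tls.server.newSessionTicketCount";
    static final int DEFAULT = 1;
    static final int MIN = 0;
    static final int MAX = 10;

    /** Unset, non-numeric, or out-of-range values fall back to the default of 1. */
    static int parseTicketCount(String raw) {
        if (raw == null) {
            return DEFAULT;
        }
        try {
            int n = Integer.parseInt(raw.trim());
            return (n >= MIN && n <= MAX) ? n : DEFAULT;
        } catch (NumberFormatException e) {
            return DEFAULT;
        }
    }

    /** Tickets the server would send for a negotiated protocol version. */
    static int ticketsFor(String protocol, int configured) {
        if ("TLSv1.3".equals(protocol)) {
            return configured;
        }
        // TLS 1.2 (RFC 5077): one ticket at most, none if the property is zero.
        return configured == 0 ? 0 : 1;
    }

    public static void main(String[] args) {
        // Effective value for this JVM, e.g. when launched with
        // -Djdk.tls.server.newSessionTicketCount=3
        int configured = parseTicketCount(System.getProperty(PROPERTY));
        System.out.println(PROPERTY + " -> " + configured
                + " (TLSv1.3: " + ticketsFor("TLSv1.3", configured)
                + ", TLSv1.2: " + ticketsFor("TLSv1.2", configured) + ")");

        // Constructed sample values covering the documented edge cases.
        String[] samples = {null, "0", "3", "10", "11", "-1", "abc"};
        for (String s : samples) {
            int c = parseTicketCount(s);
            System.out.printf("%-5s -> configured=%d, TLSv1.3=%d, TLSv1.2=%d%n",
                    s, c, ticketsFor("TLSv1.3", c), ticketsFor("TLSv1.2", c));
        }
    }
}
```

Run it as `java -Djdk.tls.server.newSessionTicketCount=3 TicketCountPolicy.java` to see the effective count for a given launch configuration alongside the sample table.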

      Specification

      The change is only in code and will be documented in the JSSE Guide. There is no javadoc for this change as it is a TLS configuration beyond the Java API.

      At the end of the "Resuming Session Without Server-Side State" section in the JSSE Guide, the following would be a proposed addition:

      The server sends one session ticket by default.  The system property
      `jdk.tls.server.newSessionTicketCount` will set the number of tickets
      sent per TLS 1.3 connection, ranging from 0 to 10.  TLS 1.2 does not
      support more than one session ticket, but will send no tickets if the
      property is set to zero.

      To view the code change, see src/java.base/share/classes/sun/security/ssl/SSLConfiguration.java at https://github.com/openjdk/jdk/pull/19465/files/

            Anthony Scarpino (ascarpino)
            Sean Mullan (mullan)
            Jamil Nimeh