RFC 5077: TLS Session Resumption without Server-Side State

If you view the output of SSLDump and if there is evidence of SSL Session Resumption especially if there is “session cache” is not configured on the server then you might be perplexed. I was and after a little investigation was able to attribute it to the implementation of RFC 5077.

Essentially the client sends an empty SessionTicket extension to the server (in the ClientHello message) and the server responds with an empty one if it supports such resumption (in the ServerHello message). The server, later on, after the computation of the “MasterSecret” would encrypt it along with the other session state such as the cipher suite in a “SessionTicket” and return the “NewSessionTicket” message to the client right before the ChangeCipherSpec message.

The following is a screen shot of a “SessionTicket” message / packet from the server to the client captured on WireShark.

Leave a Reply

Your email address will not be published. Required fields are marked *

     

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code class="" title="" data-url=""> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> <pre class="" title="" data-url=""> <span class="" title="" data-url="">