You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
TLS 1.3 session resumption can be tested by running openssl s_client -connect c2.testrun.org:443 -tls1_3 -sess_out sess.pem
followed by openssl s_client -connect c2.testrun.org:443 -tls1_3 -sess_in sess.pem
On the first run you should see New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384, but on a second run Reused, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384. However, second connection also shows "New" even though the server issues two tickets on the first connection as can be seen from two lines Post-Handshake New Session Ticket arrived:.
With Postfix session resumption works but Postfix (port 465) issues only one ticket and only if resumption was not used: #456
Established session can even be reused on port 587 with -starttls smtp and vice versa. pre_shared_key (41) extension is not encrypted and is visible in Wireshark in the Server Hello message.
nginx sends two tickets if session is not resumed and one ticket if session is resumed.
But with Dovecot on port 993 second run results in New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384.
The text was updated successfully, but these errors were encountered:
TLS 1.3 session resumption can be tested by running
openssl s_client -connect c2.testrun.org:443 -tls1_3 -sess_out sess.pemfollowed by
openssl s_client -connect c2.testrun.org:443 -tls1_3 -sess_in sess.pemOn the first run you should see
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384, but on a second runReused, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384. However, second connection also shows "New" even though the server issues two tickets on the first connection as can be seen from two linesPost-Handshake New Session Ticket arrived:.With Postfix session resumption works but Postfix (port 465) issues only one ticket and only if resumption was not used: #456
Established session can even be reused on port 587 with
-starttls smtpand vice versa.pre_shared_key(41) extension is not encrypted and is visible in Wireshark in the Server Hello message.nginx sends two tickets if session is not resumed and one ticket if session is resumed.
But with Dovecot on port 993 second run results in
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384.The text was updated successfully, but these errors were encountered: