> On Apr 2, 2019, at 11:17 AM, Jeremy Harris <j...@wizmail.org> wrote:
>
> If I understand right from rfc5077 the next record from the server after
> the server-hello should have been an empty session_ticket, if it was
> going to accept the resumed session. But it goes on to a full handshake
> instead.
>
> Is there any way of finding out what it didn't like?
Does the server have a temporally stable ticket decryption key?
Is this Exim? Is the server's SSL_CTX persistent and shared
across multiple connections? IIRC Exim has a completely fresh
SSL stack initialized after fork for every client...
--
Viktor.
