Hi Viktor,

Thank you for the info. Regarding the information in the ticket, I was looking at the recommended ticket structure in RFC 5077 section 4 (https://datatracker.ietf.org/doc/html/rfc5077#section-4). There is the encrypted_state mentioned, which contains the encrypted information stated in the structures in section 4. For the renegotiation extension verification from RFC 5746 section 3.7 (https://datatracker.ietf.org/doc/html/rfc5746#section-3.7), the server must have the client_verify_data, which is not part of the ticket in the StatePlaintext structure. That was the reason for assuming that the renegotiation extension may not be used in the case of ticket-based resumption. If the server puts this information (from the Finished message) into the ticket, it could reconstruct it. Maybe I was taking section 4 of RFC 5077 too literally.
Best regards
Steffen

> -----Original Message-----
> From: TLS <tls-boun...@ietf.org> On Behalf Of Viktor Dukhovni
> Sent: Thursday, 15 September 2022 15:42
> To: tls@ietf.org
> Subject: Re: [TLS] RFC 5746 applicable for session resumption?
>
> On Thu, Sep 15, 2022 at 01:16:33PM +0000, Fries, Steffen wrote:
>
> > I was just double checking if there was an answer to the question of
> > using the TLS renegotiation extension from RFC 5746 in the context of
> > TLS session resumption. As stated below, based on the RFC it is not
> > crystal clear if it applies. In general I would think yes, but only
> > for session resumption based on the sessionID, not based on tickets.
>
> There should be no difference between (server-side) stateful and stateless
> resumption. The server should serialise into the session ticket sufficient
> information to allow it to fully recover the session, as though it were cached
> locally to facilitate stateful resumption.
>
> This is the case at least with OpenSSL, the session ticket contains an
> encrypted and MACed serialised SSL_SESSION object, in exactly the same form
> as it would have in a server-side session cache.
>
> --
> Viktor.
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
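Added example, not part of this thread and not OpenSSL's code: a Go implementation of the ticket envelope that RFC 5077 section 4 recommends. The layout (16-byte key_name, 16-byte iv, 2-byte length, encrypted_state under AES-128-CBC, 32-byte HMAC-SHA-256 over key_name, iv, length and encrypted_state) follows the RFC; the TicketKey type, the function names, the decision to treat the serialised session state as opaque bytes, and the sample state string are my own assumptions and constructions. It illustrates Viktor's point: whatever the server would have kept in its session cache is what goes into the plaintext, so nothing a stateful server can recover is out of reach of a stateless one.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// TicketKey is one server-side ticket protection key (assumed type). The 16-byte
// key_name travels in the clear so the server can rotate keys and still find the right one.
type TicketKey struct {
	Name   [16]byte
	AESKey [16]byte // AES-128-CBC key for encrypted_state
	MACKey [32]byte // HMAC-SHA-256 key over key_name || iv || length || encrypted_state
}

// NewTicketKey draws a random key_name and fresh key material.
func NewTicketKey() (*TicketKey, error) {
	k := &TicketKey{}
	for _, b := range [][]byte{k.Name[:], k.AESKey[:], k.MACKey[:]} {
		if _, err := rand.Read(b); err != nil {
			return nil, err
		}
	}
	return k, nil
}

// Seal wraps an already-serialised session state as key_name || iv || length(2) ||
// encrypted_state || mac(32). The state is opaque here: it is whatever the server caches.
func Seal(k *TicketKey, state []byte) ([]byte, error) {
	if len(state) > 0xffff-aes.BlockSize {
		return nil, errors.New("state too large for a 16-bit length")
	}
	pad := aes.BlockSize - len(state)%aes.BlockSize
	plain := append(append([]byte{}, state...), bytes.Repeat([]byte{byte(pad)}, pad)...) // PKCS#7
	iv := make([]byte, aes.BlockSize)
	if _, err := rand.Read(iv); err != nil {
		return nil, err
	}
	block, _ := aes.NewCipher(k.AESKey[:]) // key length is fixed by the type
	enc := make([]byte, len(plain))
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(enc, plain)
	t := append(append([]byte{}, k.Name[:]...), iv...)
	t = append(t, byte(len(enc)>>8), byte(len(enc)))
	t = append(t, enc...)
	mac := hmac.New(sha256.New, k.MACKey[:]) // encrypt-then-MAC over everything before the tag
	mac.Write(t)
	return mac.Sum(t), nil
}

// Open finds the key by key_name and verifies the MAC in constant time before touching
// the ciphertext. Every failure means "ignore the ticket, do a full handshake", not an alert.
func Open(keys []*TicketKey, ticket []byte) ([]byte, error) {
	const hdr = 16 + aes.BlockSize + 2
	if len(ticket) < hdr+sha256.Size {
		return nil, errors.New("ticket too short")
	}
	var k *TicketKey
	for _, c := range keys {
		if bytes.Equal(c.Name[:], ticket[:16]) {
			k = c
		}
	}
	n := int(binary.BigEndian.Uint16(ticket[32:34]))
	if k == nil || len(ticket) != hdr+n+sha256.Size || n == 0 || n%aes.BlockSize != 0 {
		return nil, errors.New("unknown key_name or bad length")
	}
	mac := hmac.New(sha256.New, k.MACKey[:])
	mac.Write(ticket[:hdr+n])
	if !hmac.Equal(mac.Sum(nil), ticket[hdr+n:]) {
		return nil, errors.New("MAC mismatch")
	}
	block, _ := aes.NewCipher(k.AESKey[:])
	plain := make([]byte, n)
	cipher.NewCBCDecrypter(block, ticket[16:32]).CryptBlocks(plain, ticket[hdr:hdr+n])
	pad := int(plain[n-1])
	if pad == 0 || pad > aes.BlockSize || !bytes.Equal(plain[n-pad:], bytes.Repeat([]byte{byte(pad)}, pad)) {
		return nil, errors.New("bad padding")
	}
	return plain[:n-pad], nil
}

func main() {
	k, _ := NewTicketKey()
	// Constructed stand-in for a serialised session: a real server would put its whole
	// cached session object here (master secret, cipher suite, any extension state it needs).
	state := []byte("version=0303 suite=c02f master_secret=... timestamp=1663249320")
	tkt, _ := Seal(k, state)
	got, err := Open([]*TicketKey{k}, tkt)
	fmt.Printf("valid ticket: err=%v, state matches=%v\n", err, bytes.Equal(got, state))
	tkt[40] ^= 1 // one flipped ciphertext bit: rejected by the MAC check, never decrypted
	_, err = Open([]*TicketKey{k}, tkt)
	fmt.Println("tampered ticket:", err)
}
```

Open deliberately returns an error rather than anything resembling an alert: RFC 5077 expects a server that cannot use a ticket to fall back to a full handshake, and a MAC failure must be indistinguishable from any other unusable ticket. Note that this is the TLS 1.2-era construction the thread is about; TLS 1.3 (RFC 8446) carries resumption state as PSK identities with its own ticket format, and a new design today would reach for an AEAD rather than CBC plus HMAC, but the principle Viktor states (serialise the full session into the protected payload) is the same.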