Merge r1650310, r1650320 from trunk. (4d78feaa) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP Apache Httpd

Commit 4d78feaa authored May 11, 2015 by

Yann Ylavic

Merge r1650310, r1650320 from trunk.


Add SSLSessionTickets (on|off).

It controls the use of TLS session tickets
(RFC 5077). Default is unchanged (on).

Using session tickets without restarting
the web server with an appropriate frequency
(e.g. daily) compromises perfect forward
secrecy.

As long as we do not have a nice key management
there should be a way to deactivate session
tickets.


Fix copy and paste error in docs of new feature.


Committed by: rjung
Reviewed by: ylavic, rjung, gsmith
Backported by: ylavic


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1678703 13f79535-47bb-0310-9956-ffa450edef68

parent 8fde7782

Hide whitespace changes

Inline Side-by-side

Please register or to comment