diff --git a/CHANGES b/CHANGES
index 9e3e6ed95c5604c6bcbc60386b691df11f578f1f..20621acf04ec957647432f6544d8146d8d2078f2 100644
--- a/CHANGES
+++ b/CHANGES
@@ -7,6 +7,21 @@
                                   Changelog
 
 Daniel Stenberg (26 Jan 2009)
+- The "-no_ticket" option was introduced in Openssl0.9.8j. It's a flag to
+  disable "rfc4507bis session ticket support".  rfc4507bis was later turned
+  into the proper RFC5077 it seems: http://tools.ietf.org/html/rfc5077
+
+  The enabled extension concerns the session management. I wonder how often
+  libcurl stops a connection and then resumes a TLS session. also, sending the
+  session data is some overhead. .I suggest that you just use your proposed
+  patch (which explicitly disables TICKET).
+
+  If someone writes an application with libcurl and openssl who wants to
+  enable the feature, one can do this in the SSL callback.
+
+  Sharad Gupta brought this to my attention. Peter Sylvester helped me decide
+  on the proper action.
+
 - Alexey Borzov filed bug report #2535504
   (http://curl.haxx.se/bug/view.cgi?id=2535504) pointing out that realms with
   quoted quotation marks in HTTP Digest headers didn't work. I've now added 
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index a54f611cbaadcba5734567d1faaf787cb428664c..2bafd5a32051ae9123a33dbbcb8d50718189c9a6 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -10,6 +10,8 @@ Curl and libcurl 7.19.4
 This release includes the following changes:
 
  o Added CURLOPT_NOPROXY and the corresponding --noproxy
+ o the OpenSSL-specific code disables TICKET (rfc5077) which is enabled by default
+   in openssl 0.9.8j
 
 This release includes the following bugfixes:
 
@@ -24,6 +26,7 @@ This release includes the following known bugs:
 This release would not have looked like this without help, code, reports and
 advice from friends like these:
 
- Lisa Xu, Daniel Fandrich, Craig A West, Alexey Borzov
+ Lisa Xu, Daniel Fandrich, Craig A West, Alexey Borzov, Sharad Gupta,
+ Peter Sylvester
 
         Thanks! (and sorry if I forgot to mention someone)
diff --git a/lib/ssluse.c b/lib/ssluse.c
index ec3c53157059f4c0a587203a5acb253be803a849..cb2a2163d8dc336a7a6920e1ee8705e29b4133df 100644
--- a/lib/ssluse.c
+++ b/lib/ssluse.c
@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2009, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -1385,8 +1385,28 @@ ossl_connect_step1(struct connectdata *conn,
      enable the bug workaround options if compatibility with somewhat broken
      implementations is desired."
 
+     The "-no_ticket" option was introduced in Openssl0.9.8j. It's a flag to
+     disable "rfc4507bis session ticket support".  rfc4507bis was later turned
+     into the proper RFC5077 it seems: http://tools.ietf.org/html/rfc5077
+
+     The enabled extension concerns the session management. I wonder how often
+     libcurl stops a connection and then resumes a TLS session. also, sending
+     the session data is some overhead. .I suggest that you just use your
+     proposed patch (which explicitly disables TICKET).
+
+     If someone writes an application with libcurl and openssl who wants to
+     enable the feature, one can do this in the SSL callback.
+
   */
-  SSL_CTX_set_options(connssl->ctx, SSL_OP_ALL);
+#ifdef SSL_OP_NO_TICKET
+  /* expect older openssl releases to not have this define so only use it if
+     present */
+#define CURL_CTX_OPTIONS SSL_OP_ALL|SSL_OP_NO_TICKET
+#else
+#define CURL_CTX_OPTIONS SSL_OP_ALL
+#endif
+
+  SSL_CTX_set_options(connssl->ctx, CURL_CTX_OPTIONS);
 
   /* disable SSLv2 in the default case (i.e. allow SSLv3 and TLSv1) */
   if(data->set.ssl.version == CURL_SSLVERSION_DEFAULT)