lighttpd
/
lighttpd1.4
2
0
Fork 0
Code Issues Releases 72 Wiki Activity
Browse Source

[mod_nss] update session ticket NSS devel comment 

Update: NSS developer explains:
"The way that we currently operate is to tie the session key encryption
 to the server public key. Which only works if you have an RSA key
 configured"
https://bugzilla.mozilla.org/show_bug.cgi?id=1673254
master
Glenn Strauss 2 months ago
parent
7ce8b22cb2
commit
3db556fde3
1 changed files with 4 additions and 3 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +4
    -3
      src/mod_nss.c

+ 4
- 3
src/mod_nss.c View File

@ -8,8 +8,6 @@
* Copyright 2001-2004 The Apache Software Foundation
*/
/*
* WARNING: EXPERIMENTAL code sketch; mod_nss is INCOMPLETE and UNTESTED
*
* NSS docs: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS
*
* NSS documentation is seriously lacking and man pages exist only for apps;
@ -36,7 +34,10 @@
* PK11SymKey *masterSecret in ssl3CipherSpec in ssl3State in sslSessionID
* is private in lib/ssl/ssl3con.c
*
* XXX: due to limitations, consider disabling session tickets in mod_nss
* Update: NSS developer explains:
* "The way that we currently operate is to tie the session key encryption to
* the server public key. Which only works if you have an RSA key configured"
* https://bugzilla.mozilla.org/show_bug.cgi?id=1673254
*
* not implemented:
* - session ticket rotation (see comments above)


Write Preview
Loading…
Cancel
Save