[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: TLS 1.3 and 0-RTT

Michael Ströder wrote:
> HI!
> Are there any plans to support TLS 1.3?

Which libraries implement it? We already have support for OpenSSL 1.1.

> The 0-RTT feature could be a significant performance gain in case LDAP applications open a new TLS connection each time they check a password with a bind request.

Haven't seen it. Is it implemented server-side, client-side, or both? How is it different from
existing session caching feature? Note that slapd supports session caching by default; libldap
and clients require session caching to be explicitly enabled.

  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/