[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: TLS 1.3 and 0-RTT

To: Michael Ströder <michael@stroeder.com>, openldap-devel@openldap.org
Subject: Re: TLS 1.3 and 0-RTT
From: Howard Chu <hyc@symas.com>
Date: Thu, 6 Sep 2018 16:51:53 +0100
In-reply-to: <871e1806-e38b-8b0e-8c59-d66c8b3b678d@stroeder.com>
References: <871e1806-e38b-8b0e-8c59-d66c8b3b678d@stroeder.com>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:56.0) Gecko/20100101 Firefox/56.0 SeaMonkey/2.53

Michael Ströder wrote:
> HI!
> 
> Are there any plans to support TLS 1.3?

Which libraries implement it? We already have support for OpenSSL 1.1.

> The 0-RTT feature could be a significant performance gain in case LDAP applications open a new TLS connection each time they check a password with a bind request.

Haven't seen it. Is it implemented server-side, client-side, or both? How is it different from
existing session caching feature? Note that slapd supports session caching by default; libldap
and clients require session caching to be explicitly enabled.

-- 
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/

Prev by Date: Re: Regarding the feature to introduce new LDAP option to set source bind IP address
Next by Date: Fifth OpenLDAP Developer Day – Call for Registration!
Index(es):
- Chronological
- Thread