[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: TLS 1.3 and 0-RTT
- To: Michael Ströder <michael@stroeder.com>, openldap-devel@openldap.org
- Subject: Re: TLS 1.3 and 0-RTT
- From: Howard Chu <hyc@symas.com>
- Date: Thu, 6 Sep 2018 16:51:53 +0100
- In-reply-to: <871e1806-e38b-8b0e-8c59-d66c8b3b678d@stroeder.com>
- References: <871e1806-e38b-8b0e-8c59-d66c8b3b678d@stroeder.com>
- User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:56.0) Gecko/20100101 Firefox/56.0 SeaMonkey/2.53
Michael Ströder wrote:
> HI!
>
> Are there any plans to support TLS 1.3?
Which libraries implement it? We already have support for OpenSSL 1.1.
> The 0-RTT feature could be a significant performance gain in case LDAP applications open a new TLS connection each time they check a password with a bind request.
Haven't seen it. Is it implemented server-side, client-side, or both? How is it different from
existing session caching feature? Note that slapd supports session caching by default; libldap
and clients require session caching to be explicitly enabled.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/