httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Paul Querna <p...@querna.org>
Subject Re: [PATCH] Support for TLS Session Tickets
Date Sat, 01 Oct 2011 23:35:33 GMT
On Sat, Oct 1, 2011 at 9:48 AM, Stefan Fritsch <sf@sfritsch.de> wrote:
> On Fri, 30 Sep 2011, Rainer Jung wrote:
>>
>> Thanks for the info. That would definitely be a nice feature. Would it
>> be safe to use a statically defined key? Only as long as the config file
>> is safe?
>
> As I understand it, knowledge of the session ticket key allows to
> decrypt all connections that use session tickets with this key. I
> think this is true even if the tls cipher itself guarantees forward
> security (like DHE). If this is correct, the option certainly needs
> some warnings in the documentation.
>
> Also, I think the config file is the wrong place for the key. Just think of
> mod_info, which would display the key in the configuration. And I am also
> against generating the key from some ASCII password that likely has less
> entropy than the 48 bytes used for the key.
>
> What about specifying a file that contains the base64 encoded key? If
> the file does not exist, httpd could create it with a random value and
> the correct permissions. The admin would then just need to start httpd on
> one server and copy the created file to the other servers.
>
> Or we could just document how to create it. Under Unix, it's a one-
> liner:
>
> (umask 077; dd if=/dev/random bs=48 count=1|
> openssl base64 > filename.key)

How about using the private key for the certificate as a signing key
as one way to get more (deterministic) data?

Mime
View raw message