Return-Path: X-Original-To: apmail-httpd-dev-archive@www.apache.org Delivered-To: apmail-httpd-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id E15A9935D for ; Sat, 1 Oct 2011 23:36:03 +0000 (UTC) Received: (qmail 11311 invoked by uid 500); 1 Oct 2011 23:36:02 -0000 Delivered-To: apmail-httpd-dev-archive@httpd.apache.org Received: (qmail 11257 invoked by uid 500); 1 Oct 2011 23:36:02 -0000 Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list dev@httpd.apache.org Received: (qmail 11249 invoked by uid 99); 1 Oct 2011 23:36:02 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 01 Oct 2011 23:36:02 +0000 X-ASF-Spam-Status: No, hits=-0.7 required=5.0 tests=RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of paul@querna.org designates 209.85.216.180 as permitted sender) Received: from [209.85.216.180] (HELO mail-qy0-f180.google.com) (209.85.216.180) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 01 Oct 2011 23:35:55 +0000 Received: by qyc1 with SMTP id 1so3419029qyc.18 for ; Sat, 01 Oct 2011 16:35:33 -0700 (PDT) MIME-Version: 1.0 Received: by 10.229.101.29 with SMTP id a29mr4285619qco.96.1317512133214; Sat, 01 Oct 2011 16:35:33 -0700 (PDT) Received: by 10.229.52.138 with HTTP; Sat, 1 Oct 2011 16:35:33 -0700 (PDT) In-Reply-To: References: <4E8571E6.7070102@kippdata.de> <4E85D549.7080802@kippdata.de> Date: Sat, 1 Oct 2011 16:35:33 -0700 Message-ID: Subject: Re: [PATCH] Support for TLS Session Tickets From: Paul Querna To: dev@httpd.apache.org Content-Type: text/plain; charset=UTF-8 X-Virus-Checked: Checked by ClamAV on apache.org On Sat, Oct 1, 2011 at 9:48 AM, Stefan Fritsch wrote: > On Fri, 30 Sep 2011, Rainer Jung wrote: >> >> Thanks for the info. That would definitely be a nice feature. Would it >> be safe to use a statically defined key? Only as long as the config file >> is safe? > > As I understand it, knowledge of the session ticket key allows to > decrypt all connections that use session tickets with this key. I > think this is true even if the tls cipher itself guarantees forward > security (like DHE). If this is correct, the option certainly needs > some warnings in the documentation. > > Also, I think the config file is the wrong place for the key. Just think of > mod_info, which would display the key in the configuration. And I am also > against generating the key from some ASCII password that likely has less > entropy than the 48 bytes used for the key. > > What about specifying a file that contains the base64 encoded key? If > the file does not exist, httpd could create it with a random value and > the correct permissions. The admin would then just need to start httpd on > one server and copy the created file to the other servers. > > Or we could just document how to create it. Under Unix, it's a one- > liner: > > (umask 077; dd if=/dev/random bs=48 count=1| > openssl base64 > filename.key) How about using the private key for the certificate as a signing key as one way to get more (deterministic) data?