Transport Layer Security (TLS) Session Resumption without Server-Side State
نویسندگان
چکیده
Status of This Memo This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited. Abstract This document describes a mechanism that enables the Transport Layer Security (TLS) server to resume sessions and avoid keeping per-client session state. The TLS server encapsulates the session state into a ticket and forwards it to the client. The client can subsequently resume a session using the obtained ticket. This document obsoletes RFC 4507.
منابع مشابه
RFC 4507 Stateless TLS Session
This document describes a mechanism that enables the Transport Layer Security (TLS) server to resume sessions and avoid keeping per-client session state. The TLS server encapsulates the session state into a ticket and forwards it to the client. The client can subsequently resume a session using the obtained ticket. Salowey, et al. Standards Track [Page 1] RFC 4507 Stateless TLS Session Resumpti...
متن کاملPerformance Improvements on the Network Level Security Protocols
In a subscription-based remote service, a user is charged a flat fee for a period of time independent of the actual number of times the service is requested. The main concern of the service manager is to make sure that only customers that have paid the fee for the current period are granted access to the service. To do this, the service manager might give each user a username and a password to ...
متن کاملRFC 5077 Stateless
Status of This Memo This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited. Abstract This document describes a mechan...
متن کاملVirtual Host Confusion: Weaknesses and Exploits
Transport Layer Security (TLS) is commonly used to provide server-authenticated secure channels for HTTPS web applications. From the viewpoint of the client, however, the server authentication guarantees of HTTPS are frequently misconstrued to identify a single HTTPS endpoint or origin whereas, in practice, the HTTPS server may be serving any one of a large set of origins. This issue is even mo...
متن کاملVerified Contributive Channel Bindings for Compound Authentication
Compound authentication protocols, such as EAP in IKEv2 or SASL over TLS, bind application-level authentication to a transport-level authenticated channel in order to obtain strong composite authentication under weak trust assumptions. Despite their wide deployment, these protocols remain poorly understood, leading to several credential forwarding man-in-themiddle attacks. We present formal mod...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- RFC
دوره 4507 شماره
صفحات -
تاریخ انتشار 2006