[issue34971] add support for tls/ssl sessions in asyncio

Christian Heimes report at bugs.python.org
Wed Nov 7 05:08:23 EST 2018


Christian Heimes <lists at cheimes.de> added the comment:

The session code of the ssl is not compatible with TLS 1.3. Actually the whole API doesn't work with TLS 1.3. In TLS 1.2 and before, sessions had multiple security implications. For example, they break PFS.

TLS 1.3 changed when sessions are exchanged and how sessions are resumed. Session data is no longer part of the handshake. Instead the server can send session tickets at any point after the handshake. A server can send multiple tickets (usually two) and tickets must only be reused once.

----------

_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue34971>
_______________________________________