RFC 5077 - Transport Layer Security (TLS) Session Resumption without Server-Side State
Metadata
- RFC Number: 5077
- Title: Transport Layer Security (TLS) Session Resumption without Server-Side State
- Obsoletes: RFC 4507
- Category: Standards Track
- Published: January 2008
- Authors: J. Salowey, H. Zhou (Cisco Systems), P. Eronen (Nokia), H. Tschofenig (Nokia Siemens Networks)
Status of This Memo
This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.
Abstract
This document describes a mechanism that enables the Transport Layer Security (TLS) server to resume sessions and avoid keeping per-client session state. The TLS server encapsulates the session state into a ticket and forwards it to the client. The client can subsequently resume a session using the obtained ticket. This document obsoletes RFC 4507.
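The encapsulation the abstract describes, as an added example that is not part of the RFC: a server-side ticket key seals opaque session state into a ticket and later opens it, keeping only the key (not per-client state) on the server. The layout follows the construction RFC 5077 recommends in Section 4 (key_name || iv || length || encrypted_state || mac, AES-128-CBC with HMAC-SHA-256 in encrypt-then-MAC order); the `TicketKey` type, the key-name lookup map, PKCS#7 padding and the sample state string are this example's own assumptions.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

const macLen = sha256.Size // 32-octet HMAC-SHA-256 tag

// TicketKey is the only secret the server keeps (assumed type, not from the RFC).
// Field sizes follow RFC 5077 Section 4: 16-octet key_name, AES-128, HMAC-SHA-256.
type TicketKey struct {
	Name   [16]byte
	AESKey [16]byte
	MACKey [32]byte
}

func NewTicketKey() (*TicketKey, error) {
	k := &TicketKey{}
	for _, b := range [][]byte{k.Name[:], k.AESKey[:], k.MACKey[:]} {
		if _, err := rand.Read(b); err != nil {
			return nil, err
		}
	}
	return k, nil
}

// Seal encapsulates session state as key_name(16) || iv(16) || len(2) || encrypted_state || mac(32).
func Seal(k *TicketKey, state []byte) ([]byte, error) {
	block, err := aes.NewCipher(k.AESKey[:])
	if err != nil {
		return nil, err
	}
	var iv [16]byte
	if _, err := rand.Read(iv[:]); err != nil { // fresh IV per ticket
		return nil, err
	}
	pad := aes.BlockSize - len(state)%aes.BlockSize // PKCS#7 (assumed; RFC does not fix the padding)
	padded := append(append([]byte{}, state...), bytes.Repeat([]byte{byte(pad)}, pad)...)
	enc := make([]byte, len(padded))
	cipher.NewCBCEncrypter(block, iv[:]).CryptBlocks(enc, padded)
	if len(enc) > 0xffff {
		return nil, errors.New("state too large for the 16-bit length field")
	}
	var n [2]byte
	binary.BigEndian.PutUint16(n[:], uint16(len(enc)))
	t := append(append(append(append([]byte{}, k.Name[:]...), iv[:]...), n[:]...), enc...)
	mac := hmac.New(sha256.New, k.MACKey[:]) // MAC covers key_name, iv, length and ciphertext
	mac.Write(t)
	return mac.Sum(t), nil
}

// Open verifies the MAC (constant time, before any decryption) and recovers the state.
// keys maps key_name to the key that issued the ticket, which is what lets a server
// rotate keys and still accept tickets issued under the previous one.
func Open(keys map[[16]byte]*TicketKey, ticket []byte) ([]byte, error) {
	if len(ticket) < 16+16+2+macLen {
		return nil, errors.New("ticket too short")
	}
	var name [16]byte
	copy(name[:], ticket[:16])
	k, ok := keys[name]
	if !ok { // a real server falls back to a full handshake here
		return nil, errors.New("unknown key_name")
	}
	body, tag := ticket[:len(ticket)-macLen], ticket[len(ticket)-macLen:]
	mac := hmac.New(sha256.New, k.MACKey[:])
	mac.Write(body)
	if !hmac.Equal(mac.Sum(nil), tag) {
		return nil, errors.New("bad MAC: forged or corrupted ticket")
	}
	iv, n, enc := body[16:32], int(binary.BigEndian.Uint16(body[32:34])), body[34:]
	if n == 0 || n != len(enc) || n%aes.BlockSize != 0 {
		return nil, errors.New("bad encrypted_state length")
	}
	block, err := aes.NewCipher(k.AESKey[:])
	if err != nil {
		return nil, err
	}
	plain := make([]byte, n)
	cipher.NewCBCDecrypter(block, iv).CryptBlocks(plain, enc)
	pad := int(plain[n-1])
	if pad == 0 || pad > aes.BlockSize || !bytes.Equal(plain[n-pad:], bytes.Repeat([]byte{byte(pad)}, pad)) {
		return nil, errors.New("bad padding")
	}
	return plain[:n-pad], nil
}

func main() {
	k, _ := NewTicketKey()
	keys := map[[16]byte]*TicketKey{k.Name: k}
	state := []byte("version=0x0303;cipher=0x002F;master_secret=0x00") // constructed sample state
	ticket, _ := Seal(k, state)
	got, err := Open(keys, ticket)
	fmt.Printf("resumed %q, err=%v\n", got, err)
	ticket[len(ticket)-macLen-1] ^= 0x01 // flip a ciphertext bit: the MAC check rejects it
	_, err = Open(keys, ticket)
	fmt.Println("tampered ticket:", err)
}
```

Checking the MAC before touching the ciphertext is what keeps a forged or bit-flipped ticket from ever reaching the decryptor, and the key_name prefix is the hook for the key rotation that Section 5.5 of the RFC discusses.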
Table of Contents
- 1. Introduction
- 2. Terminology
- 3. Protocol
- 3.1. Overview
- 3.2. SessionTicket TLS Extension
- 3.3. NewSessionTicket Handshake Message
- 3.4. Interaction with TLS Session ID
- 4. Recommended Ticket Construction
- 5. Security Considerations
- 5.1. Invalidating Sessions
- 5.2. Stolen Tickets
- 5.3. Forged Tickets
- 5.4. Denial of Service Attacks
- 5.5. Ticket Protection Key Management
- 5.6. Ticket Lifetime
- 5.7. Alternate Ticket Formats and Distribution Schemes
- 5.8. Identity Privacy, Anonymity, and Unlinkability
- 6. Acknowledgements
- 7. IANA Considerations
- 8. References
- 8.1. Normative References
- 8.2. Informative References
- Appendix A. Discussion of Changes to RFC 4507
Copyright Notice
Copyright (C) The IETF Trust (2008).
This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights.