5. Security Considerations
5.1. Invalidating Sessions
The TLS specification requires that TLS sessions be invalidated when errors occur.
5.2. Stolen Tickets
An eavesdropper or man-in-the-middle may obtain the ticket and attempt to use it to establish a session with the server.
5.3. Forged Tickets
An attacker may attempt to forge a ticket or modify an existing ticket.
5.4. Denial of Service Attacks
An adversary might generate and send a large number of ClientHello messages with invalid tickets to the server.
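An added example (not part of the original text) of the server-side check relevant to 5.3 and 5.4: the ticket carries a MAC over all of its fields, and the server rejects a ticket with an unknown key name or a bad tag before it touches the protected state. The ticket layout, the function names, and the sample values are assumptions of this example; encryption of the state is out of scope, so the state is handled as opaque bytes.

```python
import hashlib
import hmac
import os
import struct
from typing import Dict, Optional

# Assumed layout: key_name(16) | iv(16) | state_len(2) | encrypted_state | mac(32)
KEY_NAME_LEN, IV_LEN, MAC_LEN = 16, 16, 32
HEADER_LEN = KEY_NAME_LEN + IV_LEN + 2


def seal_ticket(key_name: bytes, mac_key: bytes, encrypted_state: bytes) -> bytes:
    """Server side: append an HMAC-SHA-256 tag covering every preceding field."""
    iv = os.urandom(IV_LEN)  # would double as the cipher IV in a full implementation
    body = key_name + iv + struct.pack("!H", len(encrypted_state)) + encrypted_state
    return body + hmac.new(mac_key, body, hashlib.sha256).digest()


def open_ticket(ticket: bytes, mac_keys: Dict[bytes, bytes]) -> Optional[bytes]:
    """Return encrypted_state if authentic; None means fall back to a full handshake."""
    if len(ticket) < HEADER_LEN + MAC_LEN:
        return None
    mac_key = mac_keys.get(ticket[:KEY_NAME_LEN])
    if mac_key is None:  # unknown or retired key name: reject before any crypto
        return None
    body, tag = ticket[:-MAC_LEN], ticket[-MAC_LEN:]
    (state_len,) = struct.unpack_from("!H", body, KEY_NAME_LEN + IV_LEN)
    if state_len != len(body) - HEADER_LEN:  # length field must match actual size
        return None
    expected = hmac.new(mac_key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):  # constant-time comparison
        return None
    return body[HEADER_LEN:]


def demo():
    """Constructed sample: one valid ticket, one with a flipped bit, one unknown key."""
    key_name, mac_key = os.urandom(KEY_NAME_LEN), os.urandom(32)
    keys = {key_name: mac_key}
    good = seal_ticket(key_name, mac_key, b"constructed-opaque-state")
    tampered = bytearray(good)
    tampered[HEADER_LEN + 3] ^= 0x01  # modify one bit of the protected state
    return (open_ticket(good, keys), open_ticket(bytes(tampered), keys),
            open_ticket(good, {}))


if __name__ == "__main__":
    print(demo())
```

The key-name lookup and length check cost no cryptographic work, so a flood of malformed tickets is discarded cheaply, and a rejected ticket leads to a full handshake rather than an error.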
5.5. Ticket Protection Key Management
The security of this mechanism depends on the secrecy and strength of the ticket protection keys.
5.6. Ticket Lifetime
The ticket lifetime is a trade-off between performance and security.
5.7. Alternate Ticket Formats and Distribution Schemes
If an application uses this mechanism but specifies its own ticket format and distribution scheme, security considerations will be specific to that application.
5.8. Identity Privacy, Anonymity, and Unlinkability
This mechanism may have implications for user privacy.