[exim-dev] [Bug 2255] TLS/SSL issue after upgading to 4.90

Author: admin
Date:  
To: exim-dev
Subject: [exim-dev] [Bug 2255] TLS/SSL issue after upgading to 4.90
https://bugs.exim.org/show_bug.cgi?id=2255

Phil Pennock <pdp@???> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |pdp@???


--- Comment #16 from Phil Pennock <pdp@???> ---
I think we should seriously consider backing out that change.

While Viktor is right that it's best to not have clients spend bandwidth on
session caching stuff, it's a client-exposed protocol-level change, which means
that clients which _demand_ session caching see a difference. The variance in
amount of traffic is fairly minimal, not worth the disruption IMO.

We might consider SSL_CTX_set_session_cache_mode(SSL_SESS_CACHE_NO_INTERNAL)
instead, to just not try to save or look up session cache stuff, but I don't
feel like digging into how portable that is across OpenSSL versions.

We're optimizing session start-up, in SMTP (which is store-and-forward, not
interactive) at the expense of client compatibility, even if it is dodgy
clients. Unless and until there's a security issue disclosed with even
offering session resumption, let's allow it?
