TLS1.3 会话的 SSLSessionID 等价物是什么
What is the equivalent of SSLSessionID for TLS1.3 sessions
在 TLSv1.2 中,客户端能够使用 SSLSessionID 恢复。此 ID 在多个恢复会话中保持不变。
在我修改过的 apache 网络服务器中,我有一个逻辑,它根据 SSLSessionID 检查会话 cookie。如果同一个 cookie 的 SSLSessionID 发生了变化,我将放弃请求。
现在我如何在 TLSv1.3 中实现这一点。 (恢复会话不是问题,这有效。)
问题是,每个请求的 SSLSessionID 都会更改,resumed 会话也是如此。
显然我的机制不再有效,所以我需要一个在恢复的会话中保持不变的标识符。
TL;DR:没有严格的等效项,因为该功能已被删除。但是为了类似的需求引入了新的会话票。
RFC 8446 在 TLS 1.3 上是这样说的:
2.2. Resumption and Pre-Shared Key (PSK)
[..]
In TLS 1.2 and below, this functionality was provided by "session IDs"
and "session tickets" [RFC5077]. Both mechanisms are obsoleted in TLS
1.3.
关于 ClientHello 的第 4.1.2 节也描述了此扩展:
legacy_session_id:
Versions of TLS before TLS 1.3 supported a
"session resumption" feature which has been merged with pre-shared
keys in this version (see Section 2.2). A client which has a
cached session ID set by a pre-TLS 1.3 server SHOULD set this
field to that value. In compatibility mode (see Appendix D.4),
this field MUST be non-empty, so a client not offering a
pre-TLS 1.3 session MUST generate a new 32-byte value. This value
need not be random but SHOULD be unpredictable to avoid
implementations fixating on a specific value (also known as
ossification). Otherwise, it MUST be set as a zero-length vector
(i.e., a zero-valued single byte length field).
您能找到的最接近的是一张新的“会话票”,请参阅§4.6.1
但是,如果您转到 https://ssl-config.mozilla.org/ 之类的内容,您会看到所有配置都是在禁用会话票证的情况下完成的。
您可以查看 https://timtaubert.de/blog/2017/02/the-future-of-session-resumption/ 了解 1.2 和 1.3 之间的变化
在 TLSv1.2 中,客户端能够使用 SSLSessionID 恢复。此 ID 在多个恢复会话中保持不变。
在我修改过的 apache 网络服务器中,我有一个逻辑,它根据 SSLSessionID 检查会话 cookie。如果同一个 cookie 的 SSLSessionID 发生了变化,我将放弃请求。
现在我如何在 TLSv1.3 中实现这一点。 (恢复会话不是问题,这有效。)
问题是,每个请求的 SSLSessionID 都会更改,resumed 会话也是如此。
显然我的机制不再有效,所以我需要一个在恢复的会话中保持不变的标识符。
TL;DR:没有严格的等效项,因为该功能已被删除。但是为了类似的需求引入了新的会话票。
RFC 8446 在 TLS 1.3 上是这样说的:
2.2. Resumption and Pre-Shared Key (PSK)
[..]
In TLS 1.2 and below, this functionality was provided by "session IDs" and "session tickets" [RFC5077]. Both mechanisms are obsoleted in TLS 1.3.
关于 ClientHello 的第 4.1.2 节也描述了此扩展:
legacy_session_id:
Versions of TLS before TLS 1.3 supported a "session resumption" feature which has been merged with pre-shared keys in this version (see Section 2.2). A client which has a cached session ID set by a pre-TLS 1.3 server SHOULD set this field to that value. In compatibility mode (see Appendix D.4), this field MUST be non-empty, so a client not offering a pre-TLS 1.3 session MUST generate a new 32-byte value. This value need not be random but SHOULD be unpredictable to avoid implementations fixating on a specific value (also known as ossification). Otherwise, it MUST be set as a zero-length vector (i.e., a zero-valued single byte length field).
您能找到的最接近的是一张新的“会话票”,请参阅§4.6.1
但是,如果您转到 https://ssl-config.mozilla.org/ 之类的内容,您会看到所有配置都是在禁用会话票证的情况下完成的。
您可以查看 https://timtaubert.de/blog/2017/02/the-future-of-session-resumption/ 了解 1.2 和 1.3 之间的变化