TLS plugin - TLS 1.3 PSK mode

Hey guys,

Please correct me if I’m wrong, but in TLS 1.2 the possible options for session resumption were session IDs and tickets, where the session IDs are kept on the server side and the tickets on the client side.
Caddy (and Go) only supported the tickets option.

In TLS 1.3, as far as I understand, the mechanism is different (PSK (pre-shared key)) but the two options (server-side/client-side) still exist, and Go supports both of them.

What does Caddy support by default? Is there a way to disable the server-side-store and enable the tickets option for TLS 1.3 in order to not have to deal with cache size and stuff like that?

An explanation of Go’s TLS 1.2 session resumption support and the session options in TLS 1.3: tls package - crypto/tls - pkg.go.dev
And the ticket option in TLS 1.3 is called “SessionTicketKey” in the same source mentioned above.
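
An added example, not part of the original post and not Caddy's code: a check of how Go's standard `crypto/tls` handles TLS 1.3 resumption, using a local `httptest` server with a constructed certificate. The helper name `resumes` is hypothetical; it reports whether a second connection resumed, with the server's `SessionTicketsDisabled` switch off and on.

```go
package main

import (
	"crypto/tls"
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
)

// resumes starts a local TLS 1.3-only test server, connects twice with a
// client-side session cache, and reports whether the second handshake resumed.
func resumes(ticketsDisabled bool) (bool, error) {
	srv := httptest.NewUnstartedServer(http.HandlerFunc(
		func(w http.ResponseWriter, r *http.Request) { io.WriteString(w, "ok") }))
	srv.TLS = &tls.Config{
		MinVersion:             tls.VersionTLS13,
		SessionTicketsDisabled: ticketsDisabled, // server-side switch for tickets and PSK resumption
	}
	srv.StartTLS()
	defer srv.Close()

	client := srv.Client() // trusts the test server's constructed certificate
	tr := client.Transport.(*http.Transport)
	tr.DisableKeepAlives = true // force a fresh TLS handshake for every request
	// The client stores the ticket and its PSK here; without a cache it never resumes.
	tr.TLSClientConfig.ClientSessionCache = tls.NewLRUClientSessionCache(8)

	resumed := false
	for i := 0; i < 2; i++ {
		resp, err := client.Get(srv.URL)
		if err != nil {
			return false, err
		}
		io.Copy(io.Discard, resp.Body) // drain the body before closing the connection
		resp.Body.Close()
		if resp.TLS.Version != tls.VersionTLS13 {
			return false, fmt.Errorf("negotiated version %#x, want TLS 1.3", resp.TLS.Version)
		}
		resumed = resp.TLS.DidResume // value after the loop is the second connection's
	}
	return resumed, nil
}

func main() {
	for _, disabled := range []bool{false, true} {
		r, err := resumes(disabled)
		fmt.Printf("SessionTicketsDisabled=%v resumed=%v err=%v\n", disabled, r, err)
	}
}
```

With tickets enabled the second connection resumes from the ticket held in the client's cache; with `SessionTicketsDisabled` set, the Go server issues no tickets and every connection is a full handshake.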
