RFC4507 (including RFC4507bis) TLS stateless session resumption support

for OpenSSL.
author: Dr. Stephen Henson <steve@openssl.org> 2007-08-11 23:18:29 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2007-08-11 23:18:29 +0000
commit: 6434abbfc6ac0d5cb882844ed10fef5821039cf6 (patch)
tree: 04b0b4626e1ccd18fb80965716957144ceb839b9 /CHANGES
parent: e45c100762baaaa0bfd9e9db136192ec09286a55 (diff)
1 files changed, 18 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index 7ff2ec4299..9a16133f03 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,24 @@
 
  Changes between 0.9.8f and 0.9.9  [xx XXX xxxx]
 
+  *) Add RFC4507 support to OpenSSL. This includes the corrections in
+     RFC4507bis. The encrypted ticket format is an encrypted encoded
+     SSL_SESSION structure, that way new session features are automatically
+     supported.
+
+     If a client application caches session in an SSL_SESSION support it
+     should automatically be supported because an extension includes the
+     ticket in the structure. The SSL_CTX structure automatically generates
+     keys for ticket protection in servers so again support should be possible
+     with no application modification.
+
+     If a client or server wishes to disable RFC4507 support then the option
+     SSL_OP_NO_TICKET can be set.
+
+     Add a TLS extension debugging callback to allow the contents of any client
+     or server extensions to be examined.
+     [Steve Henson]
+
   *) Final changes to avoid use of pointer pointer casts in OpenSSL.
      OpenSSL should now compile cleanly on gcc 4.2
      [Peter Hartley <pdh@utter.chaos.org.uk>, Steve Henson]
author	Dr. Stephen Henson <steve@openssl.org>	2007-08-11 23:18:29 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2007-08-11 23:18:29 +0000
commit	6434abbfc6ac0d5cb882844ed10fef5821039cf6 (patch)
tree	04b0b4626e1ccd18fb80965716957144ceb839b9 /CHANGES
parent	e45c100762baaaa0bfd9e9db136192ec09286a55 (diff)