TlsSession save & restore

Question 1

Hi! I want to save TlsSession instance from TlsSocket to reuse it in future, how do i do it?

Question 2

This is currently not supported. We will consider adding this feature to one of the future releases.

I'm not sure this would be useful in TLS 1.2. However, for TLS 1.3, TlsSession represents a pre-shared key, so it might be useful in some scenarios.

Question 3

how do you think how long will it take to add this feature?

Question 4

Just to clarify, which of the following features are you actually looking for?
a) Ability to reuse TlsSession for subsequent TlsSocket instances within the same process (this is already supported).
b) Persist TlsSession instances (into a database or a file), making it possible to reuse them for TlsSocket instances in different processes later.
c) Use static TLS 1.3 pre-shared keys (on client side or server side).

Question 5

second option.
i want to save tlssession into my database to reuse it when i open the app again.

Question 6

We'll consider adding this in Q1 2021. One major problem with this is the fact that TLS 1.2 session actually includes the session's "master secret", which could be used to decrypt the session's communication. Because of that, persisting the session into a permanent storage could pose a security threat.

Lukas Pokorny · Answer 1 · 2020-10-12T10:00:17+0000

commented Oct 12, 2020 by tkhasss (220 points)

commented Oct 13, 2020 by Lukas Pokorny (150k points)

commented Oct 13, 2020 by tkhasss (220 points)
edited Oct 13, 2020 by tkhasss

commented Oct 15, 2020 by Lukas Pokorny (150k points)

TlsSession save & restore

Please log in or register to add a comment.

Please log in or register to answer this question.

1 Answer

Please log in or register to add a comment.

Categories

TlsSession save & restore

Please log in or register to add a comment.

Please log in or register to answer this question.

1 Answer

Please log in or register to add a comment.

Related questions

Categories