TLS Session Resumption support in Rebex HTTPS Legacy

Question

Using Rebex HTTPS Legacy, we want to profit from TLS Session Resumption to save energy, time and data consumption on our mobile devices.

There are two methods reusing a TLS Session with TLS 1.2:

1. Session resumption with ID/Caching according to RFC 5246

2. Session resumption with Tickets according to RFC 5077

Our server only supports the 2nd, Session resumption with Tickets, as I can see in the SSL Labs report for acm.reservix.io in the section Protocol Details:

 Session resumption (caching): No (IDs assigned but not accepted)
 Session resumption (tickets): Yes

Which of the two methods does the Rebex HTTPS Legacy library support?

Where in the Rebex protocol can I see, whether a TLS Session was reused/resumed?

Answer 1

Unfortunately, Rebex HTTPS only supports session resumption with ID/caching (RFC 5246). Session resumption with tickets (RFC 5077) is not supported.

Rebex HTTPS currently offers no API to determine whether HTTPS connection's underlying TLS session has been reused/resumed, but it can be determined from a communication log ("Trying to resume session" log message indicates session resumption attempt, "Resuming session" indicates actual resumption).