Bug ID: JDK-8134497 Add TLS support for RFC 5077 Session Ticket

Type: Enhancement
Component: security-libs
Sub-Component: javax.net.ssl
Affected Version: 8u51

Priority: P3
Status: Resolved
Resolution: Duplicate
OS: linux
CPU: x86

Submitted: 2015-07-31
Updated: 2019-04-10
Resolved: 2019-04-10

Versions (Unresolved/Resolved/Fixed)

The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.

JDK 13
13Resolved

A DESCRIPTION OF THE REQUEST :
Currently it is not possible to speed up SSL handshake negotiations using the TLS session ticket extension.

http://tools.ietf.org/html/rfc5077

There is no way of controlling the handshake to implement this manually or requesting session tickets be used as a client or server.

JUSTIFICATION :
Huge speed improvements and reduced CPU usage. 

https://blog.cloudflare.com/tls-session-resumption-full-speed-and-secure/

Any application that handles multiple connections will see a large performance improvement as the most expensive part of the handshake is skipped.



EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
Allow SSLSocket objects to have the ability to implement session tickets or allow access to add TLS extensions to the handshake.
ACTUAL -
Its impossible to implement session tickets with the current library.

CUSTOMER SUBMITTED WORKAROUND :
Opening sockets with OpenSSL instead of using the java ssl library.

Duplicate :	JDK-8211018 - Session Resumption without Server-Side State
Relates :	JDK-8190697 - Provide a API to disable SSL session resumption per Application