TLS 1.3 and 0-RTT - openldap-devel - openldap.org

List overview All Threads
Download

TLS 1.3 and 0-RTT

Fifth OpenLDAP Developer Day –...

Re: Regarding the feature to...

Michael Ströder

6 Aug 2018 6 Aug '18

10:15 p.m.

HI!

Are there any plans to support TLS 1.3?

The 0-RTT feature could be a significant performance gain in case LDAP applications open a new TLS connection each time they check a password with a bind request.

Ciao, Michael.

Attachments:

smime.p7s (application/pkcs7-signature — 3.7 KB)

Reply

Show replies by thread

Howard Chu

6 Sep 6 Sep

8:51 a.m.

Michael Ströder wrote:

HI!

Are there any plans to support TLS 1.3?

Which libraries implement it? We already have support for OpenSSL 1.1.

The 0-RTT feature could be a significant performance gain in case LDAP applications open a new TLS connection each time they check a password with a bind request.

Haven't seen it. Is it implemented server-side, client-side, or both? How is it different from existing session caching feature? Note that slapd supports session caching by default; libldap and clients require session caching to be explicitly enabled.

-- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

Reply

2417

Age (days ago)

2447

Last active (days ago)

openldap-devel@openldap.org

1 comments

2 participants

tags (0)

participants (2)

Howard Chu
Michael Ströder