doc: updated text on session tickets

author: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2014-11-08 08:35:01 +0100
committer: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2014-11-08 08:35:01 +0100
commit: 43b3f6361c97f420e99ba36723db7f206277e520 (patch)
tree: d93ae880e3afd534cf0be582f2b52a151752b273 /doc/cha-intro-tls.texi
parent: 43bc9754a4f222da094fb768c59f0783fc5527e9 (diff)
download: gnutls-43b3f6361c97f420e99ba36723db7f206277e520.tar.gz
1 files changed, 8 insertions, 1 deletions
diff --git a/doc/cha-intro-tls.texi b/doc/cha-intro-tls.texi
index ba4af097ba..f45b49fcfa 100644
--- a/doc/cha-intro-tls.texi
+++ b/doc/cha-intro-tls.texi
@@ -437,7 +437,14 @@ to the client. Because session parameters are sensitive they are encrypted
 and authenticated with a key only known to the server and then sent to the
 client. The Session Tickets extension is described in RFC 5077 @xcite{TLSTKT}.
 
-Since version 3.1.3 GnuTLS clients transparently support session tickets.
+A disadvantage of session tickets is that they eliminate the effects of
+forward secrecy when a server uses the same key for long time. That is,
+the secrecy of all sessions on a server using tickets depends on the ticket
+key being kept secret. For that reason server keys should be rotated and discarded
+regularly.
+
+Since version 3.1.3 GnuTLS clients transparently support session tickets,
+unless the PFS session string is specified.
 
 @node HeartBeat
 @subsection HeartBeat
author	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2014-11-08 08:35:01 +0100
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2014-11-08 08:35:01 +0100
commit	43b3f6361c97f420e99ba36723db7f206277e520 (patch)
tree	d93ae880e3afd534cf0be582f2b52a151752b273 /doc/cha-intro-tls.texi
parent	43bc9754a4f222da094fb768c59f0783fc5527e9 (diff)
download	gnutls-43b3f6361c97f420e99ba36723db7f206277e520.tar.gz