Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8228396 Re-enable Stateless Resumption On by default for merge to mainline
  3. JDK-8242399

Release Note: Stateless Resumption Enabled by Default for JSSE Server

    XMLWordPrintable

    Details

      Description

      Server-side JSSE now operates in stateless mode by default. As described in RFC 5077[1] for TLS 1.2 and below, and RFC 8446[2] for TLS 1.3, the TLS server sends internal session information in the form of an encrypted session ticket to a client that supports stateless. That session ticket is presented to the server during the TLS handshake to resume the session. This should improve the performance and memory usage of the TLS server under large workloads as the session cache will seldom be used. Applications that depend on SSLSession to list sessions cached will not find that information in stateless mode.

      If stateless needs to be turned off, use the System property `jdk.tls.server.enableSessionTicketExtension`. Using `-Djdk.tls.server.enableSessionTicketExtension=false` on the command-line will turn off stateless and return the JSSE server to using the session cache.


      [1]: https://tools.ietf.org/html/rfc5077
      [2]: https://tools.ietf.org/html/rfc8446

        Attachments

          Activity

            People

            Assignee:
            cwayne Clifford Wayne
            Reporter:
            ascarpino Anthony Scarpino
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: