论文信息 - Transport Layer Security (TLS) Session Resumption without Server-Side State

Transport Layer Security (TLS) Session Resumption without Server-Side State

This document describes a mechanism that enables the Transport Layer Security (TLS) server to resume sessions and avoid keeping per-client session state. The TLS server encapsulates the session state into a ticket and forwards it to the client. The client can subsequently resume a session using the obtained ticket. This document obsoletes RFC 4507. [STANDARDS-TRACK]

[1] Eric Rescorla,et al. The Transport Layer Security (TLS) Protocol Version 1.2 , 2008, RFC.

[2] Hao Zhou,et al. The Flexible Authentication via Secure Tunneling Extensible Authentication Protocol Method (EAP-FAST) , 2007, RFC.

[3] Donald E. Eastlake,et al. US Secure Hash Algorithms (SHA and HMAC-SHA) , 2006, RFC.

[4] Hannes Tschofenig,et al. Pre-Shared Key Ciphersuites for Transport Layer Security (TLS) , 2005, RFC.

[5] Donald E. Eastlake,et al. Randomness Requirements for Security , 2005, RFC.

[6] Hovav Shacham,et al. Client-side caching for TLS , 2004, TSEC.

[7] Tim Wright,et al. Transport Layer Security (TLS) Extensions , 2003, RFC.

[8] A. Pfitzmann,et al. Anonymity, Unlinkability, Unobservability, Pseudonymity, and Identity Management – A Consolidated Proposal for Terminology , 2002 .

[9] Morris J. Dworkin,et al. Recommendation for Block Cipher Modes of Operation: Methods and Techniques , 2001 .

[10] Ari Medvinsky,et al. Addition of Kerberos Cipher Suites to Transport Layer Security (TLS) , 1999, RFC.

[11] Christopher Allen,et al. The TLS Protocol Version 1.0 , 1999, RFC.

[12] Pekka Nikander,et al. Stateless connections , 1997, ICICS.

[13] Scott O. Bradner,et al. Key words for use in RFCs to Indicate Requirement Levels , 1997, RFC.

[14] Hugo Krawczyk,et al. HMAC: Keyed-Hashing for Message Authentication , 1997, RFC.

[15] John T. Kohl,et al. The Kerberos Network Authentication Service (V5 , 2004 .