Bug ID 751803: TLS session ticket resumption SNI check

Last Modified: Jul 24, 2020

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Fixed In:
15.0.0

Opened: Dec 04, 2018
Severity: 3-Major

Symptoms

A TLS session ticket might be used for session resumption if the SNI does not match the original session ticket.

Impact

Session resumption might occur when the current session ticket extension SNI does not match session ticket SNI.

Conditions

-- TLS 1.2 or 1.3. -- Session ticket resumption. -- SNI does not match the original session ticket.

Workaround

None.

Fix Information

Session resumption with session ticket is now resumed only when the SNI matches the original session ticket.

Behavior Change