Welcome! Log In Create A New Profile

Advanced

Re: "A" Grade SSL/TLS with Nginx and StartSSL

October 16, 2013 10:22PM
Piotr Sikora Wrote:
-------------------------------------------------------
> > ssl_session_timeout 5m;
>
> Not only doesn't it change anything (5m is the default value), but
> it's way too low value to be used.
>
> Few examples from the real world:
>
> Google : 28h
> Facebook : 24h
> CloudFlare: 18h
> Twitter : 4h
Wouldn't having a timeout that high lower the effectiveness of forward secrecy? You'd have the potential to be using the same key for up to 28 hours on Google.

I suppose most sites don't even rotate their session tickets that often, so it probably doesn't matter for a lot of people.
Subject Author Posted

"A" Grade SSL/TLS with Nginx and StartSSL

Julien Vehent October 12, 2013 05:56PM

Re: "A" Grade SSL/TLS with Nginx and StartSSL

Piotr Sikora October 15, 2013 12:40AM

Re: "A" Grade SSL/TLS with Nginx and StartSSL

Julien Vehent October 15, 2013 09:28AM

Re: "A" Grade SSL/TLS with Nginx and StartSSL

Piotr Sikora October 15, 2013 06:02PM

Re: "A" Grade SSL/TLS with Nginx and StartSSL

Rob Stradling October 17, 2013 10:06AM

Re: "A" Grade SSL/TLS with Nginx and StartSSL

W-Mark Kubacki October 20, 2013 05:14PM

Re: "A" Grade SSL/TLS with Nginx and StartSSL

eiji-gravion October 16, 2013 10:22PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 92
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready