Propose SSLSessionTickets directive.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1654482 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/STATUS b/STATUS
index ceff9a821949e94853cc196711f2608c102d076e..32d7dac98b32825ffc84580bc994d3a2c97b8969 100644 (file)
--- a/STATUS
+++ b/STATUS
@@ -159,6 +159,18 @@ PATCHES PROPOSED TO BACKPORT FROM TRUNK:
      2.2.x patch: trunks works (plus CHANGES)
      +1 rjung
 
+   * mod_ssl: Add SSLSessionTickets (on|off). [Rainer Jung]
+     It controls the use of TLS session tickets (RFC 5077).
+     Default is unchanged (on).
+     Using session tickets without restarting the web server with
+     an appropriate frequency (e.g. daily) compromises perfect forward
+     secrecy. As long as we do not have a nice key management
+     there needs to be a way to deactivate the use of session tickets.
+     trunk patch: http://svn.apache.org/r1650310
+                  http://svn.apache.org/r1650320
+     2.2.x patch: http://people.apache.org/~ylavic/httpd-2.2.x-SSLSessionTickets.patch
+     +1: ylavic
+
 PATCHES/ISSUES THAT ARE STALLED
 
    * mod_proxy_balancer: Always initialize the shared parameters of a load