TLS Stateless Resume / Session Tickets
Context: The Wormly SSL Tester identifies whether an HTTPS server supports TLS Stateless Resume.
TLS Session resumption allows the reuse of a recently valid TLS session ticket - improving performance for clients making multiple requests in much the same way as SSL session caching does.
This improves performance from the clients’ perspective, because it eliminates the need for a new (and time-consuming) TLS handshake to be conducted each time a request is made.
A significant difference between TLS stateless resumption and SSL session caching is that TLS stateless resumption does not require the server to cache SSL session keys, which reduces the memory burden on the server to support large numbers of clients.
If the client or server does not support TLS session tickets then a new session must be established for each request. Most modern clients and server support this feature, so be sure to enable it on your secure web server.