The Cloudflare mTLS vulnerability - A Deep Dive Analysis
The Backend Engineering Show with Hussein Nasser
00:00
The Importance of Session Resumption
The server technically can just resume the session. And the server can also make another decision to also avoid the key exchange altogether. This is a scalable way such that the server doesn't have to remember every single client it ever resumed connection with, right? Because otherwise, if you do it statefully, the server must store the session ticket somewhere. So this way is actually stateless where technically everything is in this new ticket.
Transcript
Play full episode
