azuresessiontls1.2tls1.1

What is the difference between session resumption in TLS v1.1vs TLS v1.2?


Scenario: We are planning to implement Session resumption to reduce data usage to handle multiple reconnect issue.

Our Azure system is using tls v1.1 , I just checked Session resumption is available in tls v1.1. All these days I was in an assumption it is only available in tls v1.2.

Question: Can someone tell me should I really want to upgrade towards tls v1.2 or I can stay with tls v1.1 itself to achieve the same ?

Reference: https://www.rfc-editor.org/rfc/rfc4346#appendix-F.1.4

Any suggestion guys ?


Solution

  • There is no easy answer to this. There are several factors that have to be taken into account:

    If answer to the above is yes, then you could enforce TLS 1.2. However, there might be other scenarios, that I might have taken into account. So you will have to do a run through of the scenarios that can possible exist.