Scenario: We are planning to implement Session resumption to reduce data usage to handle multiple reconnect issue.
Our Azure system is using tls v1.1 , I just checked Session resumption is available in tls v1.1. All these days I was in an assumption it is only available in tls v1.2.
Question: Can someone tell me should I really want to upgrade towards tls v1.2 or I can stay with tls v1.1 itself to achieve the same ?
Reference: https://www.rfc-editor.org/rfc/rfc4346#appendix-F.1.4
Any suggestion guys ?
There is no easy answer to this. There are several factors that have to be taken into account:
If answer to the above is yes, then you could enforce TLS 1.2. However, there might be other scenarios, that I might have taken into account. So you will have to do a run through of the scenarios that can possible exist.