Session recommendations #55
Description
Some older Apache versions (like 2.4.6 in RHEL / CentOS 7) don't support a limited lifetime for session tickets. This could undermine the forward secrecy for long running processes if session tickets are enabled. In those cases recommending session tickets over session resumption (or even using them at all) probably isn't a good idea.
I'm not really sure how the recommendations could be improved, though. This is probably only a problem with some very specific Apache versions.