When will EDF FTP.NET Support Session resumption for TLS1.3

Question 1

Customers are getting more and more FTPS Servers enforcing TLS 1.3.

They also REQUIRE session resumption, as a potential vulnerability exists when having to re-negotiate the data tunnel (there is no guarantee that is it the same client creating the data channel if it is not re-using/resuming the parameters from the already negotiated control- channel)

So, when will EDF FTP.NET Support Session resumption for TLS1.3

Question 2

We currently have two priorities - implementing aes256-gcm@openssh.com for SSH, and implementing session resumption for TLS 1.3. We expect both to do completed by end of July 2025 (estimate!).

Question 3

Hey Guys

Do we have an update to the estimate on release date as end of July is due?

Kind regards Jesper

Question 4

We've completed the gcm@openssh.com algorithms and they have been released. Session resumption won't be too much longer.

Question 5

Hey Guys. Do we have a status on the FTPS, TLS1.3 session resumption. It seems it was not included in the latest release.
Due to this issue, we can not connect, for example to newest Filezilla FTPS Servers using TLS1.3 (as they do not longer support the workaround of ignoring the unsafe pattern of not using Session resumption)

Question 6

It won't be long, we're working on it currently.

support2 · Answer 1 · 2025-05-19T12:57:24+0000

commented Aug 13 by jesper247 (120 points)

commented Aug 14 by support2 (165k points)

commented Sep 22 by jesper247 (120 points)

commented Sep 22 by support2 (165k points)

When will EDF FTP.NET Support Session resumption for TLS1.3

Please log in or register to add a comment.

Please log in or register to answer this question.

1 Answer

Please log in or register to add a comment.

Categories