ANSSI Reco-TLS v1.2 §2.5

Rotation des clés de session-ticket

UnveilScan findings mapped to this control

The scanner emits 1 distinct finding on this control. Click "Scan a domain" below to see which of them currently apply to your site, with copy-paste remediation snippets (nginx, Apache, DNS BIND, web-server config).

tls.ticket_key_not_rotated ⏱ 1h

TLS — Ticket key not rotated

Risk if ignored: A single ticket-key exfiltration lets the attacker decrypt every past session encrypted under it (forward-secrecy loss).

security

Also maps to 1 other control

PCI-DSS 4.0 4.2.1 — Strong cryptography and security protocols