id	summary	reporter	owner	description	type	status	priority	milestone	component	version	resolution	keywords	cc	uname	nginx_version
806	ngx_http_ssl_module: Turn off 'ssl_session_tickets' by default	Commenter123@…		"As neither nginx nor openssl rotate the session ticket key, having 'ssl_session_tickets' turned on by default is bad, as a lot of users won't use a manual ticket rotation system.

Having 'ssl_session_tickets' on without rotating the key frequently destroys PFS:
http://security.stackexchange.com/questions/102093/tls-session-tickets-what-is-the-risk-of-a-disclosed-server-ticket-key"	defect	closed	minor		nginx-module	1.9.x	wontfix			--	--