@Mathwiz : Hope you're doing fine in the new year ; when you first posted this some days ago, I was genuinely puzzled, but since I was occupied with other matters, both in digital (!) and real life , I left it aside for future investigation; my contribution to the subject at hand was simply
which basically links to the old Bugzilla bug #967977
Today I had some extra time and decided to search the official UXP GitHub repo/issue tracker, to find proof which substantiates the report that:
(them in that context refers to TLS Session Tickets/TLS cache); I've searched specifically for code that sets the hidden pref
security.ssl.disable_session_identifiers
to true, but my search was, alas, fruitless... I then browsed @roytam1 's forked UXP repo, both branches (master+custom), for similar code signs, but to no avail, again ... So, by simply going with public source code, I found no clues that the default behaviour in either (official) PM28 and/or (forked) NM28 is to disable TLS session tickets, as you suggested...
But you are not to blame yourself , I have myself in the past "slipped" in a similar fashion... ; the blame lies on the OP, for causing undue confusion over a "supposedly" new-found issue, most likely self-inflicted:
... was the post that started all this ; as part of my investigation, I have downloaded said NM28 build (BuildID=20200104010047), as well as the one after it (BuildID=20200110230556) and guess what one finds by visiting
https://www.howsmyssl.com
in a brand new/fresh (browser) profile:
and
So, nothing has changed in NM28 with regard to TLS Session Tickets, they are enabled by default (which yields the green "Good" button in that test page) ... Once more, it was simply @msfntor 's troll-ish behaviour in posting unchecked/unverified untruths, which ended up wasting people's time...