TLS tickets could weaken forward secrecy
Jingle XTLS sessions are currently created using OpenSSL Context with TLS tickets (RFC 5077) enabled. As stated in section-5.8: Application designers that use the ticket mechanism described in this document should consider that unlinkability is not necessarily provided.
Disable TLS tickets (RFC 5077) in OpenSSL Context for XTLS. TLS tickets are already disabled for connections to XMPP servers.