Here is an interesting post about session tickets in TLS 1.2 and possible security flaws. The author describes how session resumption works in TLS 1.2, and then discuss three possible flaws in this mechanism. He also mentions how the issues are going to be addressed in TLS 1.3
Enjoy!
WE NEED TO TALK ABOUT SESSION TICKETS
