> the attack described in https://secure-resumption.com/ breaks also tls
> channel binding tls-unique RFC 5929.
> I would still like to use tls-unique for channel binding as defined in
> SCRAM (RFC 5802). Can OpenSSL be used for channel binding and protect
> against this attack if the session caching is disabled?
> SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF)
> Is it necessary to disable resumption using a different function?
You'd also need to disable session tickets too.
Note the initiial phase of the attack requires that the attacker possess a
private key and certificate the client trusts. I'd be interested to know how
that could happen under your circumstances.