Disabling TLS tickets makes us look unlike firefox
In #7139 (moved), we disabled TLS tickets so that we wouldn't do TLS-ticket based session resumption, to make PFS work right again on our OpenSSL connections.
On the server side, this is probably the right choice for fingerprinting: servers that don't support session resumption also don't support TLS tickets.
But on the client side, it might not be the right choice: firefox advertises support for TLS tickets, I hear. Oops.
This is a nontrivial decision to make. If a client says that it supports TLS tickets, and it is talking to an older Tor server that hasn't disabled them, it will get degraded PFS. But if a client doesn't say it supports TLS tickets, it will apparently be more distinguishable.
We backported #7139 (moved) to the 0.2.2 branch; any fix here should get backported too.