[Mono-devel-list] XSP updates

Brian Ritchie brian.ritchie at gmail.com
Wed Apr 6 12:12:17 EDT 2005


> For testing purpose you may want an option to specify (well restrict) the
> supported protocol - i.e. SSLv3 or TLSv1
Sounds good, this is very easy to do
> Another "nice" feature would be to restrict the cryptographic algorithms
> that can be used. By default SSL/TLS negotiate the "best" cipher suite based
Sounds like an interesting quest :)  Probably something for the future.

> Then there is the support for client side certificates but that may be
> outside your current goals ;-).
I'd like to support client certs, maybe after I get the core changes
committed I'll look into this.

> So for the moment I think you should write a basic helper ImportKey method
> that takes the PrivateKey (and optionally a password) and return an
> AsymmetricAlgorithm instance. That way anyone can easily extends the
> supported data format (or hardware support) in the future without touching
> the core XSP code.
Thanks for looking this over.  I am building with limited knowledge of
the limitations/strengths of the different crypto options available. 
I'll probably send more questions your way once I start implementing
this change.


More information about the Mono-devel-list mailing list