[Mono-dev] Mono.Security + SecureString

Alan McGovern alan.mcgovern at gmail.com
Wed Dec 12 07:59:40 EST 2007

It'd break API compatibility, therefore it's a no-go.


On Dec 12, 2007 12:55 PM, Vladimir Giszpenc <vgiszpenc at dsci.com> wrote:

> Hi,
> As you know, in .Net Framework 2.0 Microsoft added the SecureString class
> to
> keep passwords and other private data hidden.  They did not add
> SecureString
> to the hashing or encryption/decryption providers to allow developers to
> take advantage of this new class.  Mono does not use it in PKCS12 or
> anywhere else it could.  It would be great if Mono took the lead and made
> touching private data a thing of the past.  I could list a few places
> where
> password is accepted, but I am sure the security gurus know these classes
> way better than I do.
> I realize that this is an enhancement request, but security helps to sell
> technology.  It would be nice to be able to say that Mono is more secure
> than .Net (or Java).
> Thanks,
> Vlad
> _______________________________________________
> Mono-devel-list mailing list
> Mono-devel-list at lists.ximian.com
> http://lists.ximian.com/mailman/listinfo/mono-devel-list
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.ximian.com/pipermail/mono-devel-list/attachments/20071212/f735f564/attachment.html 

More information about the Mono-devel-list mailing list