[Mono-dev] TLS 1.2 to ship in Mono 4.8 + Discussion Topic

Miguel de Icaza miguel at microsoft.com
Wed Nov 30 20:25:03 UTC 2016


We are betting the future on this particular approach to implementing TLS.

That said, the challenge is that while we have tested it, the only way of testing this is to expose more users to it.

From: Mono-devel-list <mono-devel-list-bounces at lists.dot.net> on behalf of Eberhard Beilharz <eb1 at sil.org>
Date: Wednesday, November 30, 2016 at 11:42 AM
To: "mono-devel-list at lists.dot.net" <mono-devel-list at lists.dot.net>
Subject: Re: [Mono-dev] TLS 1.2 to ship in Mono 4.8 + Discussion Topic

Miguel De Icaza Via Mono-devel-list <mono-devel-list at lists.dot.net><mailto:mono-devel-list at lists.dot.net> wrote on 2016-11-30 at 16:52 +0100:
I was thinking that perhaps this should be the default, and not an opt-in feature, but instead an opt-out feature, so that we could by default ship TLS 1.2 enabled, and if we run into a problem, users facing the problems could set MONO_TLS_PROVIDER to “legacy”.   Thoughts?
If it's considered stable enough for production use than I'd prefer to make it the default without having to set an environment variable.

I guess in the end it boils down to whether this is an experimental feature (in which case opt-in would be the way to go) or if we expect most people to use the new TLS support (in which case opt-out would be better).


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.dot.net/pipermail/mono-devel-list/attachments/20161130/3d1cb889/attachment.html>

More information about the Mono-devel-list mailing list