[Mono-list] Mono.Security.Protocol.Tls and Microsoft's CLR

Sebastien Pouliot sebastien.pouliot at gmail.com
Thu Oct 6 15:12:14 EDT 2005 

Hello Brent,

On Thu, 2005-06-10 at 11:54 -0700, Brent 'Dax' Royal-Gordon wrote:
> I'm looking at writing a cross-platform (and cross-runtime) app in C#
> which requires a TLS (SSL) socket.  But in Microsoft's typical
> fashion, they've omitted this from their .Net class library.  

A new SslStream class will be available in Fx 2.0.

> It looks
> like Mono.Security has a class to handle TLS connections, but I have a
> few questions:
> 
>   * Does Mono.Security.Protocol.Tls do what I think it does?

It depends on your imagination, e.g. it never made me any coffee ;-)
But it can be used as for client and server side SSL3/TLS1 sessions,
including support for client certificates.

>   * Is it one of the libraries covered under the LGPL? 

No, it's available under MIT X.11 license (like most of Mono's class
libraries).
http://www.opensource.org/licenses/mit-license.php

>  Are there any
> licensing issues that would preclude me from distributing it to users
> and using it with Microsoft's CLR?  (Note that I haven't decided how
> I'm licensing my code.  GPL or another open license may be a
> possibility, but I'm not sure yet.)

MIT X.11 has very few restrictions - but I do recommend anyone to read
any license before using binary/source code.

>   * Is the implementation Mono-specific?  

No, it will work with both Mono and MS runtimes/class libraries.

> Are there technical issues
> that would keep me from using it with Microsoft's CLR?

Mono doesn't ship with any trusted root certificates (in parts because
of license restrictions). You'll need to provide them directly (e.g.
source, install...) or indirectly (instructions) with your application.

You can find more details at
http://www.mono-project.com/FAQ:_Security

>   * Could this be handled by simply putting Mono.Security.dll in my
> program's directory?

Yes.

>   Would there be any problem dealing with root
> certificates?

See previous comment about "technical issues".

>   * If for whatever reason using Mono.Security isn't an option, does
> anyone know of a library I could use for this?

There are several closed source libraries that offer SSL/TLS. Mentalis
also has a open source SSL implementation for .NET.

> Thanks for any advice.

Have fun!

> --
> Brent 'Dax' Royal-Gordon <brent at brentdax.com>
> Perl and Parrot hacker (most of the time)
> _______________________________________________
> Mono-list maillist  -  Mono-list at lists.ximian.com
> http://lists.ximian.com/mailman/listinfo/mono-list

More information about the Mono-list mailing list