News  [SoftwareSite

Latest News
Older News
RSS Feed
 
Complete Projects
Useful Classes
Top Downloads
Message Board
AllAPI.net
 
Send Comments
Software License
Mentalis.org Buttons
Donate
 
Forums -> Security Library Forum
 
New to SSL protocol  
by Hasani
posted on 2003/09/20

If I create a TcpListener using the constructor that requires only the port#, is all data sent/receive to connected clients encrypted.

basically, are the streams already encrypted when I don't specify a 'Security Options'

I thank you for offering this class btw, especially for free.

by Hasani
posted on 2003/09/20

I just came across this
http://www.mentalis.org/soft/projects/seclib/docs/ssl_upgrade.html

this should be able to answer my questions.

by Hasani
posted on 2003/09/21

I spent the last hr trying to find a simple way to create a free certification. Seems dragging and dropping a certification from IE is my best bet. Is there anyway I can test to make sure the data tranmitted over the SecureNetworkStream is encrypted or not?

by Hasani
posted on 2003/09/21

I'm using 'SslAlgorithms.RSA_3DES_168_SHA | SslAlgorithms.NULL_COMPRESSION' for my AllowedAlgorithms.

by Pieter Philippaerts [Pieter at mentalis dot org]
posted on 2003/09/21

The SecureSocket does not support unencrypted data transmission if SSL or TLS is used. So if you specify SecureProtocol.Ssl3 or SecureProtocol.Tls1 [or the combination of both protocols] in the SecurityOptions instance you pass to the SecureNetworkStream, you can rest assured that your data is encrypted.

P.S., I would recommend that you use SslAlgorithms.SECURE_CIPHERS instead of "SslAlgorithms.RSA_3DES_168_SHA | SslAlgorithms.NULL_COMPRESSION". This allows the SecureSocket to negotiate even more secure ciphers than TripleDES [such as the AES algorithm], if possible.

by Hasani
posted on 2003/09/21

thx 4 the quick respons
:)

 

Copyright © 2002-2007, The Mentalis.org Team. All rights reserved.
This site is located at http://www.mentalis.org/
Send comments to the webmaster.