Hacker News new | past | comments | ask | show | jobs | submit login
TLS 1.2 Comes to Mono (tirania.org)
26 points by dgellow on Oct 30, 2016 | hide | past | favorite | 6 comments



Wow, they're fast. It's only been three years since all pre-1.2-ciphers were shown to be mostly insecure.


So they're using Google's BoringSSL, which according to Google itself isn't intended for general use:

> Although BoringSSL is an open source project, it is not intended for general use, as OpenSSL is. We don't recommend that third parties depend upon it. Doing so is likely to be frustrating because there are no guarantees of API or ABI stability.

(from https://boringssl.googlesource.com/boringssl/)


Just in time for TLS 1.3!


Jesus Christ that is well overdue - I know mono isn't exactly like Microsoft's projects but why Microsoft never treats security - especially cyphers and protocols with any sense of urgency baffles me.


Welcome to 2008, Mono. :- )


I wanted to post "Patches welcome!", but then I remembered, wasn't mono backed by commercial company and then bought by Microsoft? It's a shame that they are lagging behind in security critical areas.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: