Bug 18635 - [Client Certificates] Renegotiation Indication Extension not used for TLS extensions
Summary: [Client Certificates] Renegotiation Indication Extension not used for TLS ext...
Status: NEW
Alias: None
Product: Class Libraries
Classification: Mono
Component: Mono.Security ()
Version: 3.0.x
Hardware: PC Linux
: --- normal
Target Milestone: Future Release
Assignee: Martin Baulig
URL:
Depends on: 58891
Blocks:
  Show dependency tree
 
Reported: 2014-03-28 09:42 UTC by Mathias
Modified: 2017-09-13 19:17 UTC (History)
2 users (show)

Tags:
Is this bug a regression?: ---
Last known good build:

Notice (2018-05-24): bugzilla.xamarin.com is now in read-only mode.

Please join us on Visual Studio Developer Community and in the Xamarin and Mono organizations on GitHub to continue tracking issues. Bugzilla will remain available for reference in read-only mode. We will continue to work on open Bugzilla bugs, copy them to the new locations as needed for follow-up, and add the new items under Related Links.

Our sincere thanks to everyone who has contributed on this bug tracker over the years. Thanks also for your understanding as we make these adjustments and improvements for the future.


Please create a new report for Bug 18635 on GitHub or Developer Community if you have new information to add and do not yet see a matching new report.

If the latest results still closely match this report, you can use the original description:

  • Export the original title and description: GitHub Markdown or Developer Community HTML
  • Copy the title and description into the new report. Adjust them to be up-to-date if needed.
  • Add your new information.

In special cases on GitHub you might also want the comments: GitHub Markdown with public comments

Related Links:
Status:
NEW

Description Mathias 2014-03-28 09:42:09 UTC
When I create a connection to a https Server using the HttpWebRequest class and the TLS (1.0) protocol is used, the "Renegotiation indication" extension (defined in RFC5746, http://tools.ietf.org/html/rfc5746) is not set in the request. This extension is required by TLS, since it mitigates a big security problem in the TLS protocol. Some servers require that extension (for instance apache with mod_nss an NSSRequireSafeNegotiation set to on) causing HttpWebRequest to throw a WebException.
Comment 1 Mathias 2014-03-28 09:42:44 UTC
I forgot: Tested on 32-bit Linux, openSuse 13.1, mono 3.2.8