AllowRenegotiation property on SslStream options bag is not implemented. #24577
Labels
area-System.Net.Security
enhancement
Product code improvement that does NOT require public API changes/additions
Milestone
Comments
Priya91
changed the title
|
In reference to article: https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_options.html |
|
See https://tools.ietf.org/html/rfc7540#section-9.2.1. The spec says renegotiation must be disabled, it does not give a lot of reasoning as to why. I asked on the PR why you were adding the property before implementing it. Now it's time to implement it. |
|
So in that case, we want |
ghost
locked as resolved and limited conversation to collaborators
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
It is not clear why the AllowRenegotiation property was added to the options bag in the ALPN API proposal in the issue #23157
Renegotiation is not a condition or property required for ALPN. It is not clear if this property is intended for the purposes of allowing/disallowing insecure renegotiation.
@Tratcher @geoffkizer I remember you mentioning this is required for HTTP/2 support, can you elaborate on the use-case for this property? If not, we should remove this from the API surface area, as it's not supported in implementation currently.
The text was updated successfully, but these errors were encountered: