EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Why SecureBlackbox?

Posted: 02/09/2010 14:44:13
by neil young (Standard support level)
Joined: 11/05/2007
Posts: 96

could anybody of the knowing shortly summarize the benefits of SecureBlackbox compared to the native SSL support in .net 2.0? I think, .net doesn't support DTLS, but TLS should be fine, or?

Posted: 02/10/2010 00:38:19
by Eugene Mayevski (Team)

It's easier to say what .NET supports, rather than what it doesn't support.

Just a few things .NET doesn't support:
1) complete control over certificates being sent by the server or used for client-side authentication. With .NET, if you need to do anything non-trivial, such as perform custom certificate validation or provide a certificate chain from file, this is either impossible or very non-trivial.
2) control over session resumption.
3) compression
4) TLS extensions
5) TLS 1.2
6) AES and Camellia algorithms
7) Elliptic-curve algorithms
8) GOST algorithms
9) PKCS#11 interface to access certificates on cryptographic devices
10) need more?

Sincerely yours
Eugene Mayevski
Posted: 02/10/2010 01:54:25
by neil young (Standard support level)
Joined: 11/05/2007
Posts: 96

Hold on, hold on :)
Thanks for this nice PRO BlackBox list. I hope, you don't treat my question as offense.
I'm especially focused on DTLS, client authentication. For this I suppose to not have the sufficient support in native .net. Up to now I was auccessfully using .net SslStream together with a non HTTP TCP connection vs. Apple Push Notification Service. That workes great, so my confusion concerning the need for SBB comes from this.
Posted: 02/10/2010 02:03:54
by Eugene Mayevski (Team)

This is a list for regular SSL/TLS, i.e. the things that you don't have with SslStream

Sincerely yours
Eugene Mayevski



Topic viewed 1126 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!