c# - What checks has Mono performed when System.Net.ServerCertificateValidationCallback is triggered? -


i'm trying secure connection server in mono (actually monotouch) application. therefore have hooked system.net.servercertificatevalidationcallback(object sender, x509certificate certificate, x509chain chain, sslpolicyerrors sslpolicyerrors)

is callback supposed trigger error in case of man-in-the-middle attack? or case not detected if fake certificate's name matches real one?

is check identical how microsoft implements it?

the callback allow customize behaviour of application wrt ssl/tls results. common customization discussed in article: using trusted roots respectfully

the basic validation done system.net.servicepointmanager (link mono sources). differ bit per platform. monotouch it's call ios see if certificate(s) valid. additional, https specific, checks done on top of (to match rfc requirements http on ssl/tls).

is callback supposed trigger error in case of man-in-the-middle attack?

any error reported. includes invalid signatures of certificates ne used mitm attack. otoh errors more benign (e.g. expiration dates).

or case not detected if fake certificate's name matches real one?

https rfc requires certificate name (generally cn) match name of web site - iow detected (as long can trust dns - that's true every implementation ;-).

is check identical how microsoft implements it?

microsoft not document in details. follow x.509 checks , https rfc should pretty close.


Comments

Post a Comment

Popular posts from this blog

java - Play! framework 2.0: How to display multiple image? -

i need display gallery of photos. here template: @(photos: list[photo]) @title = { <bold>gallery</bold> } @main(title,"photo"){ <ul class="thumbnails"> @for(photo <- photos) { <li class="span3"> <a href="#" class="thumbnail"> <img src="@photo.path" alt=""> </a> </li> } </ul> } and here controller method: public static result getphotos() { return ok(views.html.photo.gallery.render(photo.get())); } and here photo bean : @entity public class photo extends model { @id public long id; @required public string label; public string path; public photo(string path, string label) { this.path = path; this.label = label; } private static finder<long, photo> find = new finder<long, photo>( long.class, photo.class); public static list<phot...
Read more

gmail - Is there any documentation for read-only access to the Google Contacts API? -

i want read-only access user's google contacts. there stackoverflow member wanted this, , received following answer : yes, there is, use https://www.googleapis.com/auth/contacts.readonly scope , "view contacts". this exchange reference read-only access google contacts can find using google. simply using access token obtained attempt read usual google contacts api (i.e. https://www.google.com/m8/feeds ) fails insufficient permissions. similarly, using google contacts api on new target fails 404 errors (for example https://www.googleapis.com/auth/contacts.readonly/default/full ). is there documentation anywhere on how use api, or permissible way access google contacts api full read-write access?
Read more

php - Controller/JToolBar not working in Joomla 2.5 -

relevant code: jtoolbarhelper::custom('savecategories', 'save', '', 'save', false, false); ... <input type="hidden" name="controller" value="easyblogcontroller"> according can dig docs , own previous questions, should call savecategories() function in easyblogcontroller . i've tried setting value easyblog , easyblog.php (file name) current easyblogcontroller (class name). clicking on save button refreshes page. not redirect, echo or var_dump test code put in savecategories() function. var_dump ing jrequest::getvar('controller') , 'task' return correct values. creating controller object , using $controller->execute('task'); works. the values going depend on location of controller trying call, , have couple options here. typically there controller in base folder of component (likely components/com_easyblog) in file called controller.php , class name inside ...
Read more