Description
PR dotnet/runtime#65777 changed the default value of the SslServerAuthenticationOptions.AllowRenegotiation property to false.
Original issue: dotnet/runtime#65547
Version
.NET 7 Preview 3
Previous behavior
Client-side renegotiation was allowed by the server by default.
New behavior
Client-side renegotiation must be explicitly enabled on the server side.
Type of breaking change
- Binary incompatible: Existing binaries may encounter a breaking change in behavior, such as failure to load/execute or different run-time behavior.
- Source incompatible: Source code may encounter a breaking change in behavior when targeting the new runtime/component/SDK, such as compile errors or different run-time behavior.
Reason for change
Client-side renegotiation is viewed as insecure by the industry (e.g., it has been removed entirely from TLS 1.3). We should disable it by default.
Recommended action
If client-side renegotiation is required, set SslServerAuthenticationOptions.AllowRenegotiation to true when initializing the server side of the SslStream.
Feature area
Networking
Affected APIs
Besides the SslServerAuthenticationOptions class itself, the following overloads of SslStream.AuthenticateAsServer are affected, as they construct SslServerAuthenticationOptions internally:

```csharp
public virtual void AuthenticateAsServer(X509Certificate serverCertificate);
public virtual void AuthenticateAsServer(X509Certificate serverCertificate, bool clientCertificateRequired, bool checkCertificateRevocation);
public virtual void AuthenticateAsServer(X509Certificate serverCertificate, bool clientCertificateRequired, SslProtocols enabledSslProtocols, bool checkCertificateRevocation);
```
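An added example (not from this issue or the runtime source) of the migration the recommended action describes: instead of calling one of the affected `AuthenticateAsServer(X509Certificate, ...)` overloads, which now build options with `AllowRenegotiation = false`, the server constructs `SslServerAuthenticationOptions` itself so the renegotiation choice is explicit and identical across runtime versions. The `ServeOneClientAsync` helper, the loopback port and the `legacyClientNeedsRenegotiation` flag are assumptions for illustration.

```csharp
using System;
using System.Net;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Security.Cryptography.X509Certificates;
using System.Threading.Tasks;

public static class TlsServerExample
{
    // Hypothetical helper: accepts one TCP client on loopback:8443 and completes the TLS handshake.
    public static async Task ServeOneClientAsync(X509Certificate2 serverCert, bool legacyClientNeedsRenegotiation)
    {
        var listener = new TcpListener(IPAddress.Loopback, 8443);
        listener.Start();
        using TcpClient client = await listener.AcceptTcpClientAsync();
        await using var ssl = new SslStream(client.GetStream(), leaveInnerStreamOpen: false);

        // Before .NET 7, AuthenticateAsServer(serverCert) built these options with
        // AllowRenegotiation = true; from .NET 7 Preview 3 the default is false.
        // Building the options here makes the setting visible in code review.
        var options = new SslServerAuthenticationOptions
        {
            ServerCertificate = serverCert,
            EnabledSslProtocols = SslProtocols.None,          // let the OS choose current defaults
            CertificateRevocationCheckMode = X509RevocationMode.Online,
            // Opt in only for clients that genuinely require TLS 1.2 renegotiation
            // (TLS 1.3 has no renegotiation, so the flag is irrelevant there).
            AllowRenegotiation = legacyClientNeedsRenegotiation,
        };

        await ssl.AuthenticateAsServerAsync(options);
        Console.WriteLine($"Negotiated {ssl.SslProtocol}; renegotiation allowed: {options.AllowRenegotiation}");
        // ... application I/O on ssl ...
    }
}
```

Leaving `legacyClientNeedsRenegotiation` at `false` keeps the new secure default; passing `true` restores the pre-.NET 7 behavior only for the listener that needs it.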