Today, we are releasing Preview 2 of Rebex Total Pack 2019 R4 release with TLS 1.3 support on a wide range of .NET platforms and operating systems.
It adds TLS 1.3 support to Rebex HTTPS, WebSocket, FTP, IMAP, POP3, SMTP, EWS and Telnet components. We have made substantial improvements since Preview 1 and if all goes well, Preview 2 is going to be the last preview version, with final R4 release coming next month. To give Preview 2 a try:
- Download Rebex Total Pack 2019 R4 Preview 2.
- Reference the assemblies you need from your application.
- Set your Rebex NuGet license key.
- Enable TLS 1.3 via [client]
If you find any issues, please let us know as soon as possible so we can fix them ahead of R4 release.
Preview 2 supports TLS 1.3 on the following platforms:
- .NET Core 3.0 Preview 9 on Windows, Windows IoT, Linux and macOS
- .NET Core 2.1/2.2 on Windows, Linux and macOS
- .NET Core 1.0/1.1 on Windows 7 SP1 or higher
- .NET Framework 4.5-4.8 on Windows 7 SP1 or higher
- .NET Framework 2.0/3.5/4.0 on Windows XP SP3 or higher (needs a plugin on Windows XP SP3)
- Mono 4.0 or higher (needs a plugin)
- Xamarin.Android 8 or higher (needs a plugin)
- Xamarin.iOS 10.3 or higher (needs a plugin)
TLS 1.3 is a major overhaul of TLS 1.2, so we used this opportunity to develop a modern fully asynchronous and full-duplex managed C# implementation that is going to last for many years. As of Preview 2, we have implemented all mandatory TLS 1.3 cipher suites and extensions and many of the optional ones as well:
- PSK resumption (all modes) (
- HelloRetryRequest support
- Middlebox Compatibility Mode support
- Server Name Indication (
- Cookies (
secp256r1(NIST P-256) key exchange
secp384r1(NIST P-384) key exchange
secp521r1(NIST P-521) key exchange
X25519key exchange (needs a plugin on all platforms)
rsa_pkcs1_sha1legacy signature scheme
ecdsa_sha1legacy signature scheme
For Rebex HTTPS, use the following code:
// Replace the key with your Rebex NuGet key. // More info: https://www.rebex.net/kb/license-keys/ Rebex.Licensing.Key = "==AOIojyDM+DZjQGV7F85lcauiygcmkEiz4dVIjXDTka2w=="; // Enable TLS 1.3 via TLS/SSL settings. var client = new Rebex.Net.WebClient(); client.Settings.SslAllowedVersions |= TlsVersion.TLS13; client.DownloadString("https://example.org/");
In other Rebex components, TLS 1.3 can be enabled in a similar way via
Settings.SslAllowedVersions featured by classes such as
Imap, and so on.
More features coming soon
We are now concentrating on releasing version R4 in October. Once we are done, we'll start adding more features:
- Tweakable settings (feature set is currently hardcoded)
- Finite Field Groups (DHE) key exchange (available upon request)
TLS_CHACHA20_POLY1305_SHA256cipher suite (in progress)
- KeyUpdate support (experimental support)
- PostHandshake-Auth support (experimental support)
- TLS Socket API (available upon request)
- TLS Socket API (sync/async) with Scatter-Gather IO support (planned for 2020)
- Server-side TLS 1.3 (planned for 2020)