Hello,
this is a pretty general question and more likely related to Mono, but I'm just having this problem with Android. Why does the framework have only outdated or compromised cipher suites for SSL/TLS?
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_DES_CBC_SHA
TLS_RSA_EXPORT_WITH_RC4_40_MD5
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
TLS_RSA_EXPORT_WITH_DES40_CBC_SHA
TLS_RSA_EXPORT1024_WITH_RC4_56_MD5
TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5
TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
I'm pretty sure people are not even aware of that problem, but there isn't a single one with Perfect Forward Secrecy. The first one should be the strongest, but there is that little problem with CBC mode.
The definitions can be found in the CipherSuiteFactory.cs of Mono. Last update 2006 :P. I have tested it with a device too and I see the same ciphers in the 'client hello'.
So is there really no need for some protection (I know NSA will read it anyways but maybe not everybody)??? For mobile devices this problem is even more imminent because it's pretty common to use untrusted networks (WLAN).
Microsoft added TLS 1.1 / 1.2 in .NET 4.5, and Windows Phone 7.x (but only TLS 1.0) supports a bit more out of the box (the ordering sux but that can be fixed by the server).
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_DSS_WITH_AES_128_CBC_SHA
TLS_DHE_DSS_WITH_AES_256_CBC_SHA
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_RC4_128_MD5
Thanks for your time and I hope some people will think about it.
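
Added example (not part of the original post and not Mono's code): a small audit script that parses the TLS_<key exchange>_WITH_<cipher>_<MAC> names from the two lists above and counts which suites offer forward secrecy and which rely on export-grade, RC4/RC2/DES, 3DES, CBC or MD5. The finding labels and function names are illustrative assumptions.

```python
import re

# Suite names copied from the two lists quoted in the post above.
MONO = """TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_DES_CBC_SHA TLS_RSA_EXPORT_WITH_RC4_40_MD5
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 TLS_RSA_EXPORT_WITH_DES40_CBC_SHA
TLS_RSA_EXPORT1024_WITH_RC4_56_MD5 TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5
TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA TLS_RSA_EXPORT1024_WITH_RC4_56_SHA""".split()
WP7 = """TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_DSS_WITH_AES_128_CBC_SHA TLS_DHE_DSS_WITH_AES_256_CBC_SHA
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_RC4_128_MD5""".split()

SUITE_RE = re.compile(
    r"^TLS_(?P<kx>[A-Z0-9_]+?)_WITH_(?P<cipher>[A-Z0-9_]+)_(?P<mac>SHA\d*|MD5)$")

def classify(name):
    """Return the sorted findings for one suite name (labels are illustrative)."""
    m = SUITE_RE.match(name)
    if not m:
        return ["unparsed"]
    kx, cipher, mac = m["kx"], m["cipher"], m["mac"]
    findings = set()
    if "EXPORT" in kx:
        findings.add("export-grade")        # deliberately weakened key sizes
    if not kx.startswith(("DHE_", "ECDHE_")):
        findings.add("no-forward-secrecy")  # static RSA key transport
    if cipher.startswith(("RC4", "RC2", "DES")):
        findings.add("weak-cipher")         # RC4, RC2, single DES / DES40
    if cipher.startswith("3DES"):
        findings.add("64-bit-block")
    if "CBC" in cipher:
        findings.add("cbc-mode")
    if mac == "MD5":
        findings.add("md5-mac")
    return sorted(findings)

def summarize(suites):
    """Count findings across one offered suite list (e.g. from a ClientHello)."""
    counts = {"forward-secret": 0}
    for suite in suites:
        found = classify(suite)
        counts["forward-secret"] += "no-forward-secrecy" not in found
        for f in found:
            counts[f] = counts.get(f, 0) + 1
    return counts

if __name__ == "__main__":
    for label, suites in (("Mono", MONO), ("Windows Phone 7.x", WP7)):
        print(label, len(suites), summarize(suites))
```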