<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Wed Feb 07 21:49:36 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[CSHARP-4862] Enable TLS1.3 Support</title>
                <link>https://jira.mongodb.org/browse/CSHARP-4862</link>
                <project id="10041" key="CSHARP">C# Driver</project>
                    <description>&lt;p&gt;The &lt;tt&gt;SslStreamFactory&lt;/tt&gt; uses &lt;tt&gt;SslStreamSettings&lt;/tt&gt; to enable TLS1.2, 1.1, and 1.0 by default:&lt;/p&gt;

&lt;p/&gt;
&lt;div id=&quot;syntaxplugin&quot; class=&quot;syntaxplugin&quot; style=&quot;border: 1px dashed #bbb; border-radius: 5px !important; overflow: auto; max-height: 30em;&quot;&gt;
&lt;table cellspacing=&quot;0&quot; cellpadding=&quot;0&quot; border=&quot;0&quot; width=&quot;100%&quot; style=&quot;font-size: 1em; line-height: 1.4em !important; font-weight: normal; font-style: normal; color: black;&quot;&gt;
		&lt;tbody &gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;  margin-top: 10px;   margin-bottom: 10px;  width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;_enabledSslProtocols = enabledProtocols.WithDefault(SslProtocols.Tls12 | SslProtocols.Tls11 | SslProtocols.Tls);&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
			&lt;/tbody&gt;
&lt;/table&gt;
&lt;/div&gt;
&lt;p/&gt;

&lt;p&gt;It notably does not enable TLS1.3 support because TLS1.3 support was added in .NET 5. (It is available in &lt;tt&gt;netcoreapp3.1&lt;/tt&gt; but not &lt;tt&gt;netstandard2.1&lt;/tt&gt;.) We need to add support for .NET 5 and enable TLS1.3 by default. We should also remove support for TLS1.0 and 1.1 by default as they have known vulnerabilities.&lt;/p&gt;

&lt;p&gt;Another possibility is to use &lt;tt&gt;SslProtocols.None&lt;/tt&gt;, which allows the operating system to choose the best protocol to use and to block protocols that are not secure. Microsoft recommends this setting unless your app has a specific reason not to. We should consider the pros and cons of explicitly enabling protocols versus deferring to the operating system.&lt;/p&gt;

&lt;p&gt;For current users of the driver, they can opt into TLS1.3 via:&lt;/p&gt;

&lt;p/&gt;
&lt;div id=&quot;syntaxplugin&quot; class=&quot;syntaxplugin&quot; style=&quot;border: 1px dashed #bbb; border-radius: 5px !important; overflow: auto; max-height: 30em;&quot;&gt;
&lt;table cellspacing=&quot;0&quot; cellpadding=&quot;0&quot; border=&quot;0&quot; width=&quot;100%&quot; style=&quot;font-size: 1em; line-height: 1.4em !important; font-weight: normal; font-style: normal; color: black;&quot;&gt;
		&lt;tbody &gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;  margin-top: 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;const string MONGODB_URI = &quot;&amp;lt;&amp;lt;YOUR CONNECTION STRING&amp;gt;&amp;gt;&quot;;&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;var settings = MongoClientSettings.FromConnectionString(MONGODB_URI);&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;settings.SslSettings.EnabledSslProtocols = SslProtocols.Tls13;&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   margin-bottom: 10px;  width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;var client = new MongoClient(settings);&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
			&lt;/tbody&gt;
&lt;/table&gt;
&lt;/div&gt;
&lt;p/&gt;</description>
                <environment></environment>
        <key id="2515945">CSHARP-4862</key>
            <summary>Enable TLS1.3 Support</summary>
                <type id="2" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14711&amp;avatarType=issuetype">New Feature</type>
                                            <priority id="10300" iconUrl="https://jira.mongodb.org/images/icons/priorities/medium.svg">Unknown</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="13201">Fixed</resolution>
                                        <assignee username="james.kovacs@mongodb.com">James Kovacs</assignee>
                                    <reporter username="james.kovacs@mongodb.com">James Kovacs</reporter>
                        <labels>
                    </labels>
                <created>Mon, 4 Dec 2023 20:45:22 +0000</created>
                <updated>Thu, 11 Jan 2024 17:42:33 +0000</updated>
                            <resolved>Thu, 11 Jan 2024 17:42:33 +0000</resolved>
                                                    <fixVersion>2.24.0</fixVersion>
                                    <component>Security</component>
                                        <votes>0</votes>
                                    <watches>2</watches>
                                                                                                                <comments>
                            <comment id="5945270" author="james.kovacs" created="Tue, 12 Dec 2023 18:44:08 +0000"  >&lt;p&gt;I was able to opt into TLS1.3 by adding &lt;tt&gt;(SslProtocols)12288&lt;/tt&gt; to the flags value for the enabled protocols. We cannot use &lt;tt&gt;SslProtocols.Tls13&lt;/tt&gt; directly because it isn&apos;t available until the &lt;tt&gt;net5.0&lt;/tt&gt; TFM. This should be available in the next release of the driver. Until such time, the driver can be configured externally to use TLS1.3 as demonstrated in the ticket description. &lt;/p&gt;</comment>
                            <comment id="5940145" author="JIRAUSER1268271" created="Mon, 11 Dec 2023 13:22:14 +0000"  >&lt;p&gt;Hi James,&lt;/p&gt;

&lt;p&gt;&#160; &#160; Do we have any timelines/ high level roadmap as to when the TLS 1.3 support will be added to the MongoDB .NET driver? This is for Microsoft team who are building the MongoDB connector in Azure Data Factory/ Microsoft Fabric. Not having a TLS 1.3 support is a security issue per them.&#160;&lt;/p&gt;

&lt;p&gt;Thanks in advance!&lt;/p&gt;

&lt;p&gt;Regards,&lt;/p&gt;

&lt;p&gt;Diana&lt;/p&gt;</comment>
                    </comments>
                    <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                        <customfield id="customfield_23812" key="com.atlassian.jira.plugin.system.customfieldtypes:select">
                        <customfieldname>Assigned Team</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="26445"><![CDATA[Dotnet Drivers]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10257" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Documentation Changes</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="11861"><![CDATA[Not Needed]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_14266" key="com.atlassian.jira.plugin.system.customfieldtypes:textarea">
                        <customfieldname>Documentation Changes Summary</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>&lt;p&gt;1.  What would you like to communicate to the user about this feature?&lt;br/&gt;
2.  Would you like the user to see examples of the syntax and/or executable code and its output?&lt;br/&gt;
3.  Which versions of the driver/connector does this apply to?&lt;/p&gt;</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|i2kwx8:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            </customfields>
    </item>
</channel>
</rss>