SocketProtectionLevel SocketProtectionLevel SocketProtectionLevel SocketProtectionLevel Enum

Definition

Specifies the level of encryption to use on a StreamSocket object.

public : enum class SocketProtectionLevel
public enum SocketProtectionLevel
Public Enum SocketProtectionLevel
var value = Windows.Networking.Sockets.SocketProtectionLevel.bluetoothEncryptionAllowNullAuthentication;
Attributes
Windows 10 requirements
Device family
Windows 10 (introduced v10.0.10240.0)
API contract
Windows.Foundation.UniversalApiContract (introduced v1)
Capabilities
bluetooth.rfcomm ID_CAP_NETWORKING [Windows Phone]

Fields

BluetoothEncryptionAllowNullAuthentication BluetoothEncryptionAllowNullAuthentication BluetoothEncryptionAllowNullAuthentication BluetoothEncryptionAllowNullAuthentication

A Bluetooth socket that prefers that encryption be used, but allows a NULL cipher (no encryption) based on the configuration of the target server.

This value is supported on Windows 8.1, Windows Server 2012 R2, and later.

BluetoothEncryptionWithAuthentication BluetoothEncryptionWithAuthentication BluetoothEncryptionWithAuthentication BluetoothEncryptionWithAuthentication

A Bluetooth socket that must use encryption. This value requires encryption and never allows a NULL cipher.

This value is supported on Windows 8.1, Windows Server 2012 R2, and later.

PlainSocket PlainSocket PlainSocket PlainSocket

A plain socket with no encryption.

Ssl Ssl Ssl Ssl

Note

This value is deprecated on Windows 8.1, Windows Server 2012 R2, and later.

A TCP socket that must use the Secure Sockets Layer (SSL) for encryption. This value requires encryption and never allows a NULL cipher (no encryption).

This value supports the SSL 3.0 and TLS 1.0 protocols and all encryption ciphers installed on the system except the NULL cipher. For domain-joined machines, an administrator can configure additional restrictions on which ciphers are allowed.

This value is marked as deprecated because it is considered insecure since RC4 and other weak ciphers are allowed. Sockets should use Tls10, Tls11, or Tls12 instead unless the target server only supports RC4 or another weak cipher.

Ssl3AllowWeakEncryption Ssl3AllowWeakEncryption Ssl3AllowWeakEncryption Ssl3AllowWeakEncryption

A TCP socket that must use SSL for encryption. This value supports the SSL 3.0 protocol and all encryption ciphers installed on the system except the NULL cipher. This value allows RC4 and other weak ciphers which are considered insecure. For domain-joined machines, an administrator can configure additional restrictions on which ciphers are allowed.

This value is supported on Windows 8.1, Windows Server 2012 R2, and later.

SslAllowNullEncryption SslAllowNullEncryption SslAllowNullEncryption SslAllowNullEncryption

A TCP socket that prefers to use SSL for encryption. This value prefers that full encryption be used, but allows a NULL cipher (no encryption) based on the server configuration.

This value supports the SSL 3.0 and TLS 1.0 protocols and all encryption ciphers installed on the system including the NULL cipher. For domain-joined machines, an administrator can configure additional restrictions on which ciphers are allowed.

The NULL cipher does no encryption, so this value does not provide confidentiality, but is integrity protected.

Tls10 Tls10 Tls10 Tls10

A TCP socket that must use SSL for encryption. This value supports the TLS 1.0 protocol and all encryption ciphers installed on the system except RC4, other weak ciphers, and the NULL cipher. For domain-joined machines, an administrator can configure additional restrictions on which ciphers are allowed.

This value is supported on Windows 8.1, Windows Server 2012 R2, and later.

Tls11 Tls11 Tls11 Tls11

A TCP socket that must use SSL for encryption. This value supports the TLS 1.1 and TLS 1.0 protocols and all encryption ciphers installed on the system except RC4, other weak ciphers, and the NULL cipher. For domain-joined machines, an administrator can configure additional restrictions on which ciphers are allowed.

This value is supported on Windows 8.1, Windows Server 2012 R2, and later.

Tls12 Tls12 Tls12 Tls12

A TCP socket that must use SSL for encryption. This value supports the TLS 1.2, TLS 1.1 and TLS 1.0 protocols and all encryption ciphers installed on the system except RC4, other weak ciphers, and the NULL cipher. For domain-joined machines, an administrator can configure additional restrictions on which ciphers are allowed.

This value is supported on Windows 8.1, Windows Server 2012 R2, and later.

Unspecified Unspecified Unspecified Unspecified

The protection level is unspecified.

Remarks

The SocketProtectionLevel enumeration allow clients to control protocol negotiation for security options with servers when using the StreamSocket object.

For TCP sockets, the various enum values allow app developers to control the use of the TLS 1.2, TLS 1.1, TLS 1.0, and SSL 3.0 protocols and restrict the use of the RC4 and other weak ciphers which are considered insecure. This allows developers to configure apps that are compatible across a very wide set of servers.

For Bluetooth RFCOMM sockets, the various enum values allow app developers to control the use of Bluetooth encryption.

The users of non-domain joined machines can also disable ciphers and protocols by using registry settings. For more information, see How to Restrict the Use of Certain Cryptographic Algorithms and Protocols in Schannel.dll.

The SocketProtectionLevel enumeration also allow servers to control protocol negotiation for security with clients when using the StreamSocketListener object to listen and bind to sockets over Bluetooth. When the StreamSocketListener object is used over Bluetooth, the supported SocketProtectionLevel values are PlainSocket, BluetoothEncryptionAllowNullAuthentication, or BluetoothEncryptionWithAuthentication. When the StreamSocketListener object is used to listen and bind to TCP sockets, the only supported SocketProtectionLevel value is PlainSocket.