I believe there already is one. If you look back to the (awful) mono pull requests thread I believe it was mention specifically as an example.
On Tue, Dec 9, 2014 at 11:09 PM, Miguel de Icaza <mig...@xamarin.com> wrote: > Hello, > > We would love a test case to add to the test suite. > > We are building a new test suite as part of this work anyways. > > MIguel > > On Tue, Dec 9, 2014 at 3:21 PM, Edward Ned Harvey (mono) > <edward.harvey.m...@clevertrove.com> wrote: >> >> > From: Miguel de Icaza [mailto:mig...@xamarin.com] >> > >> > .NET's implementation of the TLS stack is built on top of native code, >> > so it >> > wont work on Mono. >> > >> > We have implemented TLS 1.1 and 1.2 on top of the not yet open sourced >> > networking stack and will be publishing it as soon as Microsoft open >> > sources >> > the .NET networking stack. >> >> Great news, thank you! A follow-up question: >> >> In the current released version of mono SslStream, if the server uses a >> cert that is signed by an intermediate chain, *and* a mono SslStream client >> connects, then the client rejects the cert. The root cause is because the >> server does not send the intermediate chain to the client, and the client >> fails to construct the chain. The behavior is specifically a mono-mono >> incompatibility - If either the server or the client is .Net, then the >> problem does not occur, because a windows server sends the chain to the >> client, and a windows client performs guerilla tactics to construct an >> incomplete chain. >> >> So the question is, how could it be possible to add a test for this >> behavior, presuming it will some day get fixed and then we don't want it to >> happen again? >> >> I can easily enough write example code to demonstrate the problem. But >> then there's a question about what cert to use for demonstration purposes - >> it's probably best to create a junk CA with intermediate cert, and some junk >> server cert. I could easily enough publish those certs somewhere and/or >> hard-code them into the demonstration code, with something like 30 year >> validity. > > > > _______________________________________________ > Mono-devel-list mailing list > Mono-devel-list@lists.ximian.com > http://lists.ximian.com/mailman/listinfo/mono-devel-list > -- Studying for the Turing test _______________________________________________ Mono-devel-list mailing list Mono-devel-list@lists.ximian.com http://lists.ximian.com/mailman/listinfo/mono-devel-list