+2010-03-11 Gonzalo Paniagua Javier <gonzalo@novell.com>
+
+ * TlsServerCertificate.cs: chain is built and validated in
+ System.dll now.
+
+2010-03-01 Gonzalo Paniagua Javier <gonzalo@novell.com>
+
+ * TlsServerCertificate.cs:
+ added a new callback for certificate validation that gets all the
+ certificates received from the server/client. The callee should
+ build the chain and validate it.
+
+2009-08-20 Sebastien Pouliot <sebastien@ximian.com>
+
+ * TlsServerCertificate.cs: If no usage information is available then
+ assume it's ok for SSL since we'll (later) check that the CN contains
+ a host name (that match the server) and such a certificate wouldn't
+ be much useful for anything but SSL/TLS. Fix the new stmp.gmail.com
+ certificate usage failure.
+
+2007-12-15 Sebastien Pouliot <sebastien@ximian.com>
+
+ * TlsServerCertificate.cs: Add support for wilcard (*) when matching
+ the target host with the certificate. Fix bug #346812
+
+2007-05-22 Sebastien Pouliot <sebastien@ximian.com>
+
+ * TlsClientCertificate.cs: If possible avoid to export the private key
+ (it could be non-exportable in a different RSA class implementation).
+ Patch from Roy Versteeg to fix #81592.
+ * TlsClientCertificateVerify.cs: Add chain support for x.509 client
+ certificates. Based on Roy Versteeg patch to fix #80557.
+
+2006-12-23 Gonzalo Paniagua Javier <gonzalo@ximian.com>
+
+ * TlsServerCertificate.cs: typo.
+
+2006-09-11 Sebastien Pouliot <sebastien@ximian.com>
+
+ * TlsClientFinished.cs: Use Write.Cipher instead of Cipher. Remove
+ usage of TlsStream in ProcessAsSsl3.
+ * TlsClientKeyExchange.cs: Use Negotiating.Cipher instead of Cipher.
+ Refactor to avoid code duplication between SSL3 and TLS.
+ * TlsServerCertificate.cs: Use Negotiating.Cipher instead of Cipher.
+ * TlsServerFinished.cs: Use Current.Cipher instead of Cipher. Use
+ Compare to test client and server digests equality. Remove usage of
+ TlsStream in ProcessAsSsl3.
+ * TlsServerHello.cs: Use Negotiating.Cipher instead of Cipher. Remove
+ usage of TlsStream to reduce memory allocations. Remove method
+ CompareSessionId and use the new base class Compare method instead.
+
+2006-03-16 Sebastien Pouliot <sebastien@ximian.com>
+
+ * TlsClientHello.cs: Check to see if we already have a known session
+ (past or concurrent) with the same target host. If so the use this
+ session id to try to resume (i.e. abbreviated handshake).
+ * TlsServerFinished.cs: Don't reset the hasndshake stream here. The
+ stream must be resetted once BOTH the client and the server are done.
+ The order of message can be different if we use an abbreviated
+ handshake sequence which leads to an invalid handshake.
+ * TlsServerHello.cs: Add this session info to the client cache. If the
+ server sends the same session id (as we supplied) then we MUST do an
+ abbreviated handshake.
+
+2005-11-23 Sebastien Pouliot <sebastien@ximian.com>
+
+ * TlsServerCertificate.cs: Add support for Netscape Server Gated
+ Crypto (2.16.840.1.113730.4) as a valid server-side EKU OID. Fix bug
+ #76804.
+
+2005-06-14 Sebastien Pouliot <sebastien@ximian.com>
+
+ * TlsClientCertificate.cs: Add support for _optional_ mutual
+ authentication. SSL3 and TLS1 deals differently with this. SSL3 tested
+ with OpenSSL, TSL1 tested with OpenSSL and LDAPS/AD.
+