Summary
Current tests validate TLS/SSH builders and key behavioral paths, but we still lack a dedicated end-to-end interoperability smoke suite that exercises real local handshake/session flows via CLI-driven scenarios.
Problem
Unit tests alone may miss integration regressions at runtime boundaries (cert loading, hostname checks, host-key checks, CLI orchestration).
Proposed scope
- Add local-loop E2E smoke suite for TLS and SSH interoperability.
- Cover success and failure paths (hostname mismatch, bad host key, mTLS requirement mismatch).
- Keep tests hermetic (ephemeral keys/certs, no persistent secrets).
- Integrate into CI with bounded runtime.
Acceptance criteria
- New E2E smoke suite runs in CI and is deterministic.
- Positive and negative protocol scenarios are asserted.
- Failures provide actionable diagnostics for humans/agents.
Category
DEFER
Summary
Current tests validate TLS/SSH builders and key behavioral paths, but we still lack a dedicated end-to-end interoperability smoke suite that exercises real local handshake/session flows via CLI-driven scenarios.
Problem
Unit tests alone may miss integration regressions at runtime boundaries (cert loading, hostname checks, host-key checks, CLI orchestration).
Proposed scope
Acceptance criteria
Category
DEFER