Suppose I want to do host-based-security similar to HTTPS. What is the canonical validation code to verify that the server certificate matches the hostname and the certificate chain is valid when I open my SslStream connection?
Yes it's just too easy (RTFD@me!). Let the framework do all that tricky authentication for you:
await sslStream.AuthenticateAsClientAsync(hostname);