private final String proto;
    private Map<String, Object> options = null;
    private final String server;
    private String endpoint = null;
    private UUID uuid = null;
    private int major;
    private int minor;

    DcerpcBinding(final String proto, final String server) {
        this.proto = proto;
        this.server = server;
    }

    /**
     * Get the protocol for this binding.
     * @return the proto

---------------------

The above scenario is representative of most TLS set ups: the client uses certificates to validate
the identity of a server. The converse is also possible. Here we create a server that authenticates
a client and a client that authenticates a server.

```java
// Create the root for client and server to trust. We could also use different roots for each!
HeldCertificate rootCertificate = new HeldCertificate.Builder()

var validSSEReplicationHeaders = map[string]string{
	"X-Minio-Internal-Server-Side-Encryption-Sealed-Key":     "X-Minio-Replication-Server-Side-Encryption-Sealed-Key",
	"X-Minio-Internal-Server-Side-Encryption-Seal-Algorithm": "X-Minio-Replication-Server-Side-Encryption-Seal-Algorithm",
	"X-Minio-Internal-Server-Side-Encryption-Iv":             "X-Minio-Replication-Server-Side-Encryption-Iv",

### Server Binaries

filename | sha512 hash
-------- | -----------
[kubernetes-server-linux-amd64.tar.gz](https://dl.k8s.io/v1.27.16/kubernetes-server-linux-amd64.tar.gz) | cbcb0591a3a84f98cf2c7abe11c5531e7f79850714abdd957be52049afed14031d0ab9c584c2e54775bceedf8833a500148d5d01335474b33cbb8b30b7ce51b3

### Server Binaries

filename | sha256 hash
-------- | -----------
[kubernetes-server-linux-amd64.tar.gz](https://dl.k8s.io/v1.5.8/kubernetes-server-linux-amd64.tar.gz) | `7e17b17e967722546541fdaeead4dc40037ddce4107aa2b2a561ea577aa62101`

### Server Binaries

filename | sha512 hash
-------- | -----------
[kubernetes-server-linux-amd64.tar.gz](https://dl.k8s.io/v1.29.15/kubernetes-server-linux-amd64.tar.gz) | 159698ccad0d84fd8c89c3456860225cd8ff61248c6ceefd88e62258df68aa6209f8a06963eb3afa1d8d41ea23201318483fbd62825ec23ba93b0ea3fb1f0495

- `X-Amz-Server-Side-Encryption-Customer-Key`: Base64 encoded new key.
- `X-Amz-Copy-Source-Server-Side-Encryption-Customer-Key`: Base64 encoded current key.

Such a special COPY request is also known as S3 SSE-C key rotation.

### Server-Side Encryption with a KMS

SSE-S3 allows an S3 client to en/decrypt an object at the MinIO server using a KMS. The MinIO
server only assumes that the KMS provides two services:

        // Note: Due to normalization, all multiple backslashes are reduced to single
        // so \\server\share becomes \server\share
        String path = "\\\\server\\share\\folder";
        String normalized = validator.validatePath(path);
        assertEquals("\\server\\share\\folder", normalized);
    }

    @Test
    public void testUncPathNotAllowed() throws Exception {

    HandshakeCertificates serverCertificates = new HandshakeCertificates.Builder()
        .heldCertificate(localhostCertificate)
        .build();
    MockWebServer server = new MockWebServer();
    server.useHttps(serverCertificates.sslSocketFactory(), false);
    server.enqueue(new MockResponse());

    HandshakeCertificates clientCertificates = new HandshakeCertificates.Builder()
        .addTrustedCertificate(localhostCertificate.certificate())

  var client = clientTestRule.newClient()

  @StartStop
  private val server = MockWebServer()

  @BeforeEach
  fun setUp() {
    platform.assumeOpenJSSE()
  }

  @Test
  fun testTlsv13Works() {
    enableTls()

    server.enqueue(MockResponse(body = "abc"))

    val request = Request(server.url("/"))

    val response = client.newCall(request).execute()

    response.use {