massdosage commented on PR #566: URL: https://github.com/apache/httpcomponents-client/pull/566#issuecomment-2296104023
@ok2c thanks, I took a look, we haven't used the `DefaultHostnameVerifier` component so I'm not entirely sure of its intended uses, especially with respect to wildcard certs which appears to be the issue here. Is the intention to implement https://datatracker.ietf.org/doc/html/rfc9525#security-wildcards and https://en.wikipedia.org/wiki/Public_key_certificate? If so I think the examples at https://en.wikipedia.org/wiki/Public_key_certificate#Further_examples could be good ones to aim for in the unit tests. The current examples with "ec2.compute-1.amazonaws.com" are a bit confusing as I'm pretty sure AWS would never issue a wildcard cert of that form. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@hc.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@hc.apache.org For additional commands, e-mail: dev-h...@hc.apache.org
