On Wed, 2025-06-04 at 16:08 -0700, Ryan Schmitt wrote: > Why does the default hostname verifier, as returned by > HttpsSupport.getDefaultHostnameVerifier(), check DNS names against > the > public suffix list? I don't think I've seen this behavior elsewhere, > and publicsuffix.org doesn't list this as a use case: > > https://publicsuffix.org/learn/
One may reasonably want to reject TLS connections with `*.com` subject in the certificate. Oleg --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@hc.apache.org For additional commands, e-mail: dev-h...@hc.apache.org
