ok2c commented on PR #647: URL: https://github.com/apache/httpcomponents-client/pull/647#issuecomment-2952014954
> non-trivial runtime overhead of loading and querying the PSL TLS represents non-trivial runtime overhead in general and the hostname verification is a very marginal part of it. I am not in favor of disabling hostname validation against PLS by default. It is not useless. What we can do, though, is to switch `HostnameVerificationPolicy` to `BUILTIN` by default and disable our own hostname verification code entirely. The users would have to opt in by choosing `CLIENT` or `BOTH` or explicitly setting an `HttpClientHostnameVerifier` at construction time. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@hc.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@hc.apache.org For additional commands, e-mail: dev-h...@hc.apache.org
