ok2c commented on PR #647: URL: https://github.com/apache/httpcomponents-client/pull/647#issuecomment-2952759601
> **I don’t see any justification for removing public-suffix matching here. Cookie management and TLS hostname verification are orthogonal concerns, and bundling them together is confusing.; @arturobernalg I can probably explain the confusion. The PSL can be used by both the cookie policy and the host name verifier. One may choose to disable PSL checks either for the state management, the TLS security, or both. What @rschmitt is proposing is to disable it for the TLS security by default (not that I agree with the proposal) but there is no risk of Cookie management and TLS hostname verification coupling here. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@hc.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@hc.apache.org For additional commands, e-mail: dev-h...@hc.apache.org
