RFR: 8349910: Implement HTTP/3 for the HTTP Client API [v2]
Sean Mullan
mullan at openjdk.org
Mon Apr 28 18:59:53 UTC 2025
On Wed, 23 Apr 2025 13:07:31 GMT, Artur Barashev <abarashev at openjdk.org> wrote:
>> A lot of (existing) HttpClient tests in `test/jdk/java/net/httpclient` currently use this `SimpleSSLContext` construct to read the `testkeys` keystore that's available in the JDK repo's test directory. Moving to a dynamically created keystore instead of a keystore that's committed in the JDK repo seems reasonable. I think it would be better to do that as a separate task in future, since that would involve updating these existing tests to use this new mechanism too.
>
> Sounds good, this was just FYI.
I may be wrong, but it seems you only re-enable 3DES to test a non-TLS 1.3 cipher suite. But you don't have to use a 3DES suite to do that, you could use one of the suites that are already enabled (and are still considered strong), like "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256".
As a general comment, I would avoid re-enabling broken or disabled algorithms unless you specifically have to test that algorithm for some reason.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/24751#discussion_r2064329287
More information about the net-dev
mailing list