RFR: 8349910: Implement JEP 517: HTTP/3 for the HTTP Client API [v8]
Daniel Jeliński
djelinski at openjdk.org
Wed Jun 25 11:04:41 UTC 2025
On Tue, 10 Jun 2025 22:55:31 GMT, Artur Barashev <abarashev at openjdk.org> wrote:
>> src/java.base/share/classes/sun/security/ssl/CertificateMessage.java line 1221:
>>
>>> 1219: tm.checkClientTrusted(
>>> 1220: certs.clone(),
>>> 1221: authType);
>>
>> This call doesn't check against `SSLAlgorithmConstraints` unlike 2 calls for `SSLSocket` and `SSLEngine` above.
>
> What would be the reason it's not addressed like in `checkServerCerts` below?
That will be addressed in the next update.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/24751#discussion_r2166438709
More information about the net-dev
mailing list