RFR: 8349910: Implement JEP 517: HTTP/3 for the HTTP Client API [v8]

Daniel Jeliński djelinski at openjdk.org
Wed Jun 25 11:04:41 UTC 2025


On Tue, 10 Jun 2025 22:55:31 GMT, Artur Barashev <abarashev at openjdk.org> wrote:

>> src/java.base/share/classes/sun/security/ssl/CertificateMessage.java line 1221:
>> 
>>> 1219:                         tm.checkClientTrusted(
>>> 1220:                                 certs.clone(),
>>> 1221:                                 authType);
>> 
>> This call doesn't check against `SSLAlgorithmConstraints` unlike 2 calls for `SSLSocket` and `SSLEngine` above.
>
> What would be the reason it's not addressed like in `checkServerCerts` below?

That will be addressed in the next update.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/24751#discussion_r2166438709


More information about the net-dev mailing list