On Thu, 2015-02-05 at 16:06 +0100, Christopher BROWN wrote: > Hello Oleg, > > Congratulations on the release. I have a quick question concerning one > item in the release notes, but don't have a suitable network to test it on. > > * Default SSL hostname verifier and default cookie policy now validate > > certificate identity and cookie domain of origin against the public > > suffix list maintained by Mozilla.org <https://publicsuffix.org/list> > > > > What happens if HTTP client is used in a network where "publicsuffix.org" > can't be reached? Sometimes, we have customers that apply excessive > restrictions on access to external networks, whilst still using HTTPS for > internal servers. Will it raise an exception? Will it slow down > connections? Can it be disabled if either of these two questions are in > fact problematic (it of course makes a lot of sense NOT to disable it). > > Thanks, > Christopher
HC 4.4 ships with a local copy of the list. HC will make no outbound requests to publicsuffix.org. Oleg --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
