Hi Julius, > Mind you, upgrading (or maybe "switching" is a better word) to > httpclient-4.0 should only affect the client code. This change can > require people to fix their client, their server, and their DNS, and > this issue might not showup for people until they hit their production > environments. I imagine it will be a little stressful!
Thanks for bringing it to our attention. We will remember it by the time we're writing an SSL guide for 4.0. And if it hits them only in production, their integration and staging environments aren't good enough ;-) > I agree with Roland and Michael that it is best if people not use them > at all. But I see so many people just blindly using "easy" on the > "httpclient-user" mailing list, I thought maybe > "https-completely-insecure://" would scare them off. We'll be addressing that in the SSL 4.0 guide, too. And I'll see to it that the "EasySSLProtocolSocketFactory" changes it's name not only after the "SSL" part :-) > (I wonder if those schemes would have helped the public PKI situation > had they been part of the standards. Probably not.) Hardly. The point of PKI is to establish a chain of trust. You can't do that by removing the trust. cheers, Roland --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
