On Tue, 28 Apr 2026 21:40:05 GMT, Artur Barashev <[email protected]> wrote:
>> test/jdk/sun/security/ssl/SignatureScheme/TLSCurveMismatch.java line 166:
>>
>>> 164:
>>> 165: TrustManagerFactory tmf =
>>> TrustManagerFactory.getInstance("PKIX");
>>> 166: tmf.init(ks);
>>
>> Not 100% sure, but do you think initializing the TMF via the keystore will
>> give you different validation behavior than if it was initialized via
>> PKIXParameters inserted in a ManagerFactoryParameters? Might that have some
>> effect on the validation? It's a more complicated initialization, but it
>> might also be a more real-world test case.
>
> Not sure why we need to use PKIXParameters for this test, what custom
> parameters would we specify with it? This test is not about cert path
> validation. `SSLContextTemplate` is using the same TrustManager
> initialization path.
Actually, I take that back after looking at this a bit more. It's fine as-is.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/30944#discussion_r3157462628
