On Wed, 13 May 2026 07:29:30 GMT, Volkan Yazici <[email protected]> wrote:
>> I've added the "csr" label as I think (and correct me if I have this wrong) >> that javax.net.ssl.SNIHostName can now fail for cases that it didn't >> previously fail. > > @AlanBateman, @artur-oracle, shall I put the changes up for display in the > CSR? Do you have any further remarks? @vy @AlanBateman I wonder if we need to essentially duplicate `new(String)` and `new(byte[])` javadocs in `ofHostName()` and `ofEncoded` using different wording? A random Java user may find it confusing. The only difference between these new static methods and the constructors is an IP check and a somewhat stricter DNS name check. I think we should keep things as simple as possible. We can do either of the following instead: 1. Copy existing constructor's javadoc text and make a few modifications for stricter checks. 2. Just link to the constructor's javadoc and note that in addition to that we do stricter checks. I think the 1st option is the current java securities code's convention. Please see `SSLSession` for an example of past depreciation. ------------- PR Comment: https://git.openjdk.org/jdk/pull/30747#issuecomment-4481071295
