Thanks, everyone, for your comments! I didn't realize Httpclient-4.0 was going to be such a dramatic change to the consumers. Since that's the case this isn't such a big deal.
Mind you, upgrading (or maybe "switching" is a better word) to httpclient-4.0 should only affect the client code. This change can require people to fix their client, their server, and their DNS, and this issue might not showup for people until they hit their production environments. I imagine it will be a little stressful! Regarding: https-no-host-verify:// https-completely-insecure:// I agree with Roland and Michael that it is best if people not use them at all. But I see so many people just blindly using "easy" on the "httpclient-user" mailing list, I thought maybe "https-completely-insecure://" would scare them off. But I also agree that I'm probably being foolish, and that including it might just encourage more people! (I wonder if those schemes would have helped the public PKI situation had they been part of the standards. Probably not.) -- yours, Julius Davies 416-652-0183 http://juliusdavies.ca/ --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
