On Fri, 15 May 2026 07:44:15 GMT, Volkan Yazici <[email protected]> wrote:
>> src/java.base/share/classes/javax/net/ssl/SNIHostName.java line 173:
>>
>>> 171: * a decision depending on its context; e.g., propagate the
>>> failure, or
>>> 172: * report the issue and skip {@linkplain
>>> SSLParameters#setServerNames(List)
>>> 173: * the SNI server name configuration}.
>>
>> The wording in this API note is bit unusual. Is this API note needed? It is
>> useful to suggest that the SNI server name configuration should be skipped?
>
> Corpus search had revealed that many use sites did not catch `IAE`. Recall
> that this was the reason we've decided to introduce new static factory
> methods instead of introducing stricter checks to existing constructors. This
> API note was intended to guide users in the desired usage pattern:
>
> 1. Give leeway to further future restrictions.
> 2. Thrown `IAE` can be used to skip SNI server name configuration, instead of
> failing the entire TLS/SSL configuration. This is also what we do in
> `sun.security.ssl.Utilities#rawToSNIHostName`.
>
> Maybe @artur-oracle can weigh in if this problem also resonates with him and
> this API note does indeed help with mitigating the problem?
This sentence is kind of obvious: `Code using this method is expected to handle
thrown exceptions and make a decision depending on its context`. And I'm not
sure as well if we should recommend skipping anything.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/30747#discussion_r3260568469
