baseTestCases := []TestSuiteCommon{
		// Init and run test on ErasureSD backend with signature v4.
		{serverType: "ErasureSD", signer: signerV4},
		// Init and run test on ErasureSD backend, with tls enabled.
		{serverType: "ErasureSD", signer: signerV4, secure: true},
		// Init and run test on Erasure backend.
		{serverType: "Erasure", signer: signerV4},
		// Init and run test on ErasureSet backend.

		{serverType: "ErasureSD", signer: signerV4},
		// Init and run test on ErasureSD backend with signature v2.
		{serverType: "ErasureSD", signer: signerV2},
		// Init and run test on ErasureSD backend, with tls enabled.
		{serverType: "ErasureSD", signer: signerV4, secure: true},
		// Init and run test on Erasure backend.
		{serverType: "Erasure", signer: signerV4},
		// Init and run test on ErasureSet backend.

pkg crypto/subtle, func XORBytes([]uint8, []uint8, []uint8) int #53021
pkg crypto/tls, method (*CertificateVerificationError) Error() string #48152
pkg crypto/tls, method (*CertificateVerificationError) Unwrap() error #48152
pkg crypto/tls, type CertificateVerificationError struct #48152
pkg crypto/tls, type CertificateVerificationError struct, Err error #48152
pkg crypto/tls, type CertificateVerificationError struct, UnverifiedCertificates []*x509.Certificate #48152

- Kubernetes now supports update LoadBalancerSourceRanges for AWS NLB([#74692](https://github.com/kubernetes/kubernetes/pull/74692), [@M00nF1sh](https://github.com/M00nF1sh))
- Kubernetes now supports configure TLS termination for AWS NLB([#74910](https://github.com/kubernetes/kubernetes/pull/74910), [@M00nF1sh](https://github.com/M00nF1sh))

pkg crypto/tls, const TLS_ECDHE_RSA_WITH_RC4_128_SHA = 49169
pkg crypto/tls, const TLS_RSA_WITH_3DES_EDE_CBC_SHA = 10
pkg crypto/tls, const TLS_RSA_WITH_AES_128_CBC_SHA = 47
pkg crypto/tls, const TLS_RSA_WITH_AES_256_CBC_SHA = 53
pkg crypto/tls, const TLS_RSA_WITH_AES_256_CBC_SHA uint16
pkg crypto/tls, const TLS_RSA_WITH_RC4_128_SHA = 5
pkg crypto/tls, const VerifyClientCertIfGiven = 3

		}
		if creds.IsTemp() && !creds.IsExpired() {
			var parentPolicy string
			u, err := globalIAMSys.GetUserInfo(ctx, creds.ParentUser)
			if err != nil {
				// Parent may be "virtual" (for ldap, oidc, client tls auth,
				// custom auth plugin), so in such cases we apply no parent
				// policy. The session token will contain info about policy to
				// be applied.
				if !errors.Is(err, errNoSuchUser) {

- Kubeadm: Removed support for mounting /etc/pki as an additional Linux system CA location
  in kube-apisever and kube-controller-manager pods. Instead, it shifted to supporting the
  mounting of /etc/pki/ca-trust and /etc/pki/tls/certs. The locations /etc/ca-certificate,
  /usr/share/ca-certificates, /usr/local/share/ca-certificates, and /etc/ssl/certs continued

  // and the backend insecure. This means the apiserver cannot verify the log data it is receiving came from the real
  // kubelet.  If the kubelet is configured to verify the apiserver's TLS credentials, it does not mean the
  // connection to the real kubelet is vulnerable to a man in the middle attack (e.g. an attacker could not intercept
  // the actual log data coming from the real kubelet).
  // +optional

- kubeadm now deletes the bootstrap-kubelet.conf file after TLS bootstrap
  User relying on bootstrap-kubelet.conf should switch to kubelet.conf that contains node credentials ([#80676](https://github.com/kubernetes/kubernetes/pull/80676), [@fabriziopandini](https://github.com/fabriziopandini))

- `client-go`, using log level 9, traces the following events of a HTTP request:
      - DNS lookup
      - TCP dialing
      - TLS handshake
      - Time to get a connection from the pool
      - Time to process a request ([#105156](https://github.com/kubernetes/kubernetes/pull/105156), [@aojea](https://github.com/aojea))

### Documentation