val request2 = server.takeRequest()
    assertThat(tlsVersions).contains(request2.handshake?.tlsVersion)
  }

  /**
   * Verify that we don't retry connections on certificate verification errors.
   *
   * http://code.google.com/p/android/issues/detail?id=13178
   */
  @Flaky
  @Test
  fun connectViaHttpsToUntrustedServer() {
    // Flaky https://github.com/square/okhttp/issues/5222

	// time.Time does not honor xml marshaller, it means that we need
	// to encode/format it before giving it to xml marshaling.

	// This below check adds client side verification to see if its
	// truly parsable.

	// listMultipartUploadsResponse - format for list multipart uploads response.
	type listMultipartUploadsResponse struct {

    platform.assumeNotBouncyCastle()

    server.enqueue(MockResponse())
    val serverCertificate =
      HeldCertificate
        .Builder()
        .commonName("localhost") // Unusued for hostname verification.
        .addSubjectAlternativeName("wronghostname")
        .build()
    val serverCertificates =
      HandshakeCertificates
        .Builder()
        .heldCertificate(serverCertificate)

          <type>String</type>
        </field>
        <field>
          <name>checksumPolicy</name>
          <version>4.0.0+</version>
          <description>
            What to do when verification of an artifact checksum fails. Valid values are
            {@code ignore},
            {@code fail} (default for Maven 4 and above) or
            {@code warn} (default for Maven 3).
          </description>

- Added support in the kubelet's image pull credential tracking for service account-based verification. When an image was pulled using service account credentials via external credential providers, subsequent Pods using the same service account (UID, name, and namespace) could access the cached image without re-authentication for the lifetime of...

* new dhcp-domain parameter to be used for figuring out the hostname of a node ([#61890](https://github.com/kubernetes/kubernetes/pull/61890), [@dims](https://github.com/dims))
* Disable ipamperf integration tests as part of every PR verification. ([#61863](https://github.com/kubernetes/kubernetes/pull/61863), [@satyasm](https://github.com/satyasm))

			if err != nil {
				errs[pi.DeploymentID] = errSRPeerResp(fmt.Errorf("unable to create admin client for %s: %w", pi.Name, err))
				return
			}
			// set the requesting site's deploymentID for verification of peer request
			rreq.RequestingDepID = globalDeploymentID()
			if _, err = admClient.SRPeerRemove(ctx, rreq); err != nil {
				if errors.Is(err, errMissingSRConfig) {
					// ignore if peer is already removed.

 * ```
 *
 * In this example the HTTP client already knows and trusts the last certificate, "Entrust Root
 * Certification Authority - G2". That certificate is used to verify the signature of the
 * intermediate certificate, "Entrust Certification Authority - L1M". The intermediate certificate
 * is used to verify the signature of the "www.squareup.com" certificate.
 *

- The alpha feature `ServiceAccountIssuerDiscovery` enables publishing OIDC discovery information and service account token verification keys at `/.well-known/openid-configuration` and `/openid/v1/jwks` endpoints by API servers configured to issue service account tokens. ([#80724](https://github.com/kubernetes/kubernetes/pull/80724), [@cceckman](https://github.com/cceckman)) [SIG...

- Node Problem Detector is now available for GCE Windows nodes. ([#101539](https://github....