From 6e4048fb0ddb0d2dd0bb2c78b4f980347e067e4c Mon Sep 17 00:00:00 2001 From: Chengyuan Zhang Date: Wed, 16 Sep 2020 10:07:52 -0700 Subject: [PATCH] Revert "SECURITY.md: add instruction for disabling Conscrypt's default TrustManager (#6962)" (#7428) This reverts commit e089ceaadca78029c7c984eeb0ff199b2fbd78b4. --- SECURITY.md | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index 5aeff1353494..631b4396fce0 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -232,14 +232,9 @@ import java.security.Security; ... // Somewhere in main() -Security.insertProviderAt( - Conscrypt.newProviderBuilder().provideTrustManager(false).build(), 1); +Security.insertProviderAt(Conscrypt.newProvider(), 1); ``` -Note: according to [Conscrypt Implementation Notes](https://github.com/google/conscrypt/blob/2.4.0/IMPLEMENTATION_NOTES.md#hostname-verification), -its default `HostnameVerifier` on OpenJDK always fails. This can be worked -around by disabling its default `TrustManager` implementation as shown above. - ### TLS with Jetty ALPN **Please do not use Jetty ALPN**
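Review bot: The commit message gives no reason for the revert, and in the SECURITY.md hunk at -232,14 the note about Conscrypt's default `HostnameVerifier` always failing on OpenJDK is deleted with nothing in its place. A reader who follows the restored `Security.insertProviderAt(Conscrypt.newProvider(), 1);` line gets no pointer to that behaviour. Please state in the message why the `provideTrustManager(false)` workaround is being withdrawn (incorrect, unsafe, or version-specific). If the hostname-verification limitation described in the linked Implementation Notes still applies, keep a sentence that names it and gives the recommended handling rather than removing the note outright.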