Bug ID: JDK-4649690 Java Plug-in should consider time-of-signing when verifying signed jars

JDK-4649690 : Java Plug-in should consider time-of-signing when verifying signed jars

Type: Enhancement
Component: deploy
Sub-Component: plugin
Affected Version: 1.3.1,1.4.0,1.4.1,5.0

Priority: P3
Status: Resolved
Resolution: Fixed
OS:
generic,solaris,solaris_7,windows_2000 generic,solaris,solaris_7,windows_2000
CPU: generic,x86

Submitted: 2002-03-08
Updated: 2003-11-25
Resolved: 2003-11-17

Versions (Unresolved/Resolved/Fixed)

The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.

Other
5.0 tigerFixed

Related Reports

Duplicate :	JDK-4938222 - REGRESSION: VMInfo Applet fails to load, throws AccessControlException
Duplicate :	JDK-4485741 - Signed Jar should still work after Certificate Expires
Duplicate :	JDK-4731841 - Verisign Model Inconsistant w/ Enterprise Deployment Scenarios
Relates :	JDK-4649703 - Web Start should consider time-of-signing when verifying signed jars
Relates :	JDK-4523234 - Timestamped Signatures
Relates :	JDK-4500302 - Verification of signed jars does not consider time-of-signing.

Description

RFE 4500302 actually requests several enhancements in various places: JDK, jarsigner, PlugIn and Web Start. There is another rfe (4523234) tracking
work needed in JDK to support timestamped signatures. 

We plan to implement rfe 4523234 for Tiger (pending Tiger team approval, etc.).
Once rfe 4523234 is done, PlugIn should consider time-of-signing when verifying signed jar.

So I'm filing this rfe to track the work needed in PlugIn (if any). I'll file another rfe to track work needed in Web Start (if any).  RFE 4500302 will be used to track enhancements needed in jarsigner. I'll add notes in rfe 4500302.

Comments

CONVERTED DATA BugTraq+ Release Management Values COMMIT TO FIX: tiger FIXED IN: tiger tiger-beta INTEGRATED IN: tiger tiger-b29

14-06-2004

EVALUATION Yes, this is very good idea. Committed for Tiger. ###@###.### 2002-03-14 Fix in progress by Dennis. ###@###.### 2003-10-09

14-03-2002