JDK-4373294 : Warning message about expired certificate
  • Type: Enhancement
  • Component: deploy
  • Sub-Component: webstart
  • Affected Version: jaws-1.0
  • Priority: P4
  • Status: Closed
  • Resolution: Duplicate
  • OS: solaris_8
  • CPU: sparc
  • Submitted: 2000-09-22
  • Updated: 2002-07-30
  • Resolved: 2002-07-23
Related Reports
Duplicate :  
JDK-4649703 - Web Start should consider time-of-signing when verifying signed jars
Description
(Filed on build 6)

The test certificate janet we are using was expired already (Jan. 2000),
there should be a warning message about expired certificate is being used
to sign the application.


yu.wang@eng 2000-09-22
Comments
EVALUATION The current behavior is Java Web Start will allow expired certificates w/o further warning. The plan for tiger is to add user configuration control over the security level. config would have options: 1.) Allow expired certificates (current behavior) 2.) Allow expired certificates only after warning. (as described in this bug). 3.) Never allow expired certificates. 4.) Never allow valid certificates except those listed in config. 5.) Never allow any certificates (only run sandboxed apps). ###@###.### 2002-06-12 This is a duplicate of 4649703. Closing as a dupe. ###@###.### 2002-07-23
12-06-2002