JDK-6802846 : jarsigner needs enhanced cert validation(options)
  • Type: Bug
  • Component: security-libs
  • Sub-Component: java.security
  • Affected Version: solaris_10,7
  • Priority: P3
  • Status: Resolved
  • Resolution: Fixed
  • OS: generic,solaris_10
  • CPU: generic,sparc
  • Submitted: 2009-02-09
  • Updated: 2017-05-16
  • Resolved: 2009-04-11
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 7
7 b55Fixed
Related Reports
Duplicate :  
Duplicate :  
Description
Jarsigner needs enhanced certificate validation
(options) to make it more usefull AND documentation 
needs to be more clear on exactly what "jar verified" 
means to the customer.

While the encrypted content is verified, the source
(certificate) of the content is not, which may lead 
the user into a false sense of security if he/she 
does NOT clearly understand the meaning of "verified".

IF the user does try to use the options provided to 
accurately qualify the verification of the jarfile
certs, he/she has to slog through the output scanning
for key flags. If a user has 1000s of files this
can be very cumbersome and may lead to the user either
making mistakes or not checking the certs properly or
at all given the difficulty in doing so. The utility 
should provide the user an easier way to check for this.

Comments
EVALUATION http://hg.openjdk.java.net/jdk7/tl/jdk/rev/b752110df530
27-03-2009

EVALUATION Updates: 1. -verbose:suboptions 2. -strict 3. -verify jarfile aliases...
27-03-2009