JDK-8023338 : Update jarsigner to encourage timestamping
  • Type: Enhancement
  • Component: security-libs
  • Sub-Component: java.security
  • Affected Version: 7u60,8
  • Priority: P3
  • Status: Closed
  • Resolution: Fixed
  • Submitted: 2013-08-20
  • Updated: 2017-05-17
  • Resolved: 2013-10-04
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
7u51 b02Fixed 8Fixed 9Fixed
Related Reports
Relates :  
Print a warning when there is no timestamp.
Suggested release note for this change: Timestamping for a signed jar is highly recommended now. Jarsigner will print out an informational warning at signing or verifying when timestamp is missing.

Removing erroneous tbd_minor value in affects version.

Full text of requirement: Update jarsigner to encourage timestamping Visibility: Open Availability: Open Background: Due to our increasing reliance on code signing and enforcing proper security practices the impact of an expired or revoked certificate is increasing. If a certificate where to be revoked, current industry standards mandate that all signatures done after the certificate is revoked must be considered untrustworthy but signatures done before the revocation can still be considered valid. If a signature is not timestamped though the only prudent course, when the certificate used to create it is revoked, is to assume that the signature was made after the certificate was revoked and no longer accept it as valid. Likewise we might choose to accept time-stamped signatures from expired certificates as valid as long as : the CA that issued the code-signing cert for the signature never trims expired certificates from their revocation lists The CA allows to revoke a certificate even after it has expired, backdating it to the date it was compromised The signature was done before the certificate was expired The certificate used to sign has not been revoked. It is therefore in the best interest of our developers to time-stamp all signatures Requirement: Update the code-signing tools in the JDK so that time-stamping is encourage. The change must be done in such a way as to allow existing code-signing scripts to work as long as the scripts can handle the additional warnings from the tool. The code-signing documentation must be updated accordingly.