JDK-8027781 : New jarsigner timestamp warning is grammatically incorrect
  • Type: Bug
  • Component: security-libs
  • Sub-Component: java.security
  • Affected Version: 7u51,8
  • Priority: P4
  • Status: Resolved
  • Resolution: Fixed
  • Submitted: 2013-11-04
  • Updated: 2019-03-07
  • Resolved: 2016-06-17
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 7 JDK 8 JDK 9 Other
7u231Fixed 8u201Fixed 9 b124Fixed openjdk7uFixed
Related Reports
Relates :  
JDK-8159805 - sun/security/tools/jarsigner/warnings/NoTimestampTest.java fails after JDK-8027781
Sub Tasks
JDK-8159757 :  
resource string translation for JDK-8027781 - Closed
Description
If a jar is not timestamped, the following warning is emitted (as of 7u51/8):

"This jar contains signatures that does not include a timestamp. Without a timestamp, users may not be able to validate this jar after the signer certificate's expiration date (%1$tY-%1$tm-%1$td) or after any future revocation date."

The phrase "signatures that does not" is grammatically incorrect. I suggest changing this to:

"This jar contains one or more signatures that do not include a timestamp. Without a timestamp, ..."

Also, if there is more than one signature that is not timestamped, just listing the expiration date of one of the certificates is misleading and confusing, since there may be other signer certs. I can't think of a very good way to address this though. It would probably be too verbose to list the expiration date of each certificate.