Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8027135

[regression] Applications with Permissions attribute signed with expired certificate are blocked on High security level

    Details

    • Subcomponent:
    • Introduced In Build:
      b03
    • Introduced In Version:
    • Resolved In Build:
      b05
    • CPU:
      generic
    • OS:
      generic
    • Verification:
      Verified

      Backports

        Description

        The latest UE flow for 7u51: http://aseng-wiki.us.oracle.com/asengwiki/display/ASUsability/Summary+of+Tighter+JRE+Security+Dialogs#SummaryofTighterJRESecurityDialogs-JDK7u51%28Jan2014%29
        introduces (for the first time) differant behavior for self-signed cert as for expired cert.
        The implementation treats them the same, as SecuritySettings.isExpiredAllowed() simply returns the value for isSelfSignedAllowed(). This was OK in past (since value was always the same) but now we need to have seperate entry in the table for self signed and expired, since their behavior is no longer the same at all security levels.

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  herrick Andy Herrick
                  Reporter:
                  dvodopya Denis Vodopyanov (Inactive)
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  8 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: