Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8027781

New jarsigner timestamp warning is grammatically incorrect

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: P4
    • Resolution: Fixed
    • Affects Version/s: 7u51, 8
    • Fix Version/s: 9
    • Component/s: security-libs
    • Labels:
      None

      Backports

        Description

        If a jar is not timestamped, the following warning is emitted (as of 7u51/8):

        "This jar contains signatures that does not include a timestamp. Without a timestamp, users may not be able to validate this jar after the signer certificate's expiration date (%1$tY-%1$tm-%1$td) or after any future revocation date."

        The phrase "signatures that does not" is grammatically incorrect. I suggest changing this to:

        "This jar contains one or more signatures that do not include a timestamp. Without a timestamp, ..."

        Also, if there is more than one signature that is not timestamped, just listing the expiration date of one of the certificates is misleading and confusing, since there may be other signer certs. I can't think of a very good way to address this though. It would probably be too verbose to list the expiration date of each certificate.

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  weijun Weijun Wang
                  Reporter:
                  mullan Sean Mullan
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  3 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: