Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8191438

jarsigner should print when a timestamp will expire

    Details

    • Type: Enhancement
    • Status: Resolved
    • Priority: P3
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 11
    • Component/s: security-libs

      Backports

        Description

        jarsigner should print more information about the lifetime of a timestamped JAR, which is bounded by the validity period of the TSA. Once the TSA server certificate expires, the timestamp is no longer valid and the JAR will be treated as unsigned (assuming the signer's certificate is also expired). Printing this information would give users a better idea how long the timestamped application will actually work. The information should be emitted when using jarsigner to sign or verify a JAR, and perhaps also when using keytool to print the certificates in a signed JAR. The warnings should be categorized by severity based on how soon the timestamp will expire.

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  weijun Weijun Wang
                  Reporter:
                  mullan Sean Mullan
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  3 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: