Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8191438

jarsigner should print when a timestamp will expire

    Details

    • Type: Enhancement
    • Status: Resolved
    • Priority: P3
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 11
    • Component/s: security-libs

      Description

      jarsigner should print more information about the lifetime of a timestamped JAR, which is bounded by the validity period of the TSA. Once the TSA server certificate expires, the timestamp is no longer valid and the JAR will be treated as unsigned (assuming the signer's certificate is also expired). Printing this information would give users a better idea how long the timestamped application will actually work. The information should be emitted when using jarsigner to sign or verify a JAR, and perhaps also when using keytool to print the certificates in a signed JAR. The warnings should be categorized by severity based on how soon the timestamp will expire.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                weijun Weijun Wang
                Reporter:
                mullan Sean Mullan
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: