Bug ID: 6802846 jarsigner needs enhanced cert validation(options)

6802846 : jarsigner needs enhanced cert validation(options)

Details

Type:	Bug	Submit Date:	2009-02-09
Status:	Resolved	Updated Date:	2011-05-26
Project Name:	JDK	Resolved Date:	2009-04-11
Component:	security-libs	OS:	generic,solaris_10
Sub-Component:	java.security	CPU:	sparc,generic
Priority:	P3
Resolution:	Fixed
Affected Versions:	solaris_10,7
Fixed Versions:	7

Related Reports

Duplicate:	JDK-6802183 - more concise output for jarsigner
Duplicate:	JDK-6594047 - jarsigner cannot use external certchain

Sub Tasks

Description

Jarsigner needs enhanced certificate validation
(options) to make it more usefull AND documentation 
needs to be more clear on exactly what "jar verified" 
means to the customer.

While the encrypted content is verified, the source
(certificate) of the content is not, which may lead 
the user into a false sense of security if he/she 
does NOT clearly understand the meaning of "verified".

IF the user does try to use the options provided to 
accurately qualify the verification of the jarfile
certs, he/she has to slog through the output scanning
for key flags. If a user has 1000s of files this
can be very cumbersome and may lead to the user either
making mistakes or not checking the certs properly or
at all given the difficulty in doing so. The utility 
should provide the user an easier way to check for this.

Comments

EVALUATION

http://hg.openjdk.java.net/jdk7/tl/jdk/rev/b752110df530

2009-03-27

EVALUATION

Updates:

1. -verbose:suboptions
2. -strict
3. -verify jarfile aliases...

2009-03-27

SELECT A COUNTRY/REGION
Africa Operation Argentina Australia Austria Bahrain Bangladesh Belgium & Luxembourg Belize Bhutan Bolivia Bosnia & Herzegovina Brasil Brunei Bulgaria Cambodia Canada - English Canada - French Chile China Colombia	Costa Rica Croatia Cyprus Czech Republic Denmark Ecuador Egypt Estonia Finland France Germany Greece Guatemala Honduras Hong Kong Hungary India Indonesia Iraq Ireland	Israel Italy Japan Jordan Kazakhstan Korea Kuwait Laos Latvia Lebanon Lithuania Malaysia Maldives Malta Mexico Moldova Nepal Netherlands New Zealand Nicaragua	Norway Oman Pakistan Panama Paraguay Peru Philippines Poland Portugal Puerto Rico Qatar Romania Russia Saudi Arabia Serbia & Montenegro Singapore Slovakia Slovenia South Africa Spain	Sri Lanka Sweden Switzerland -- French Switzerland -- German Taiwan Thailand Turkey Ukraine United Arab Emirates United Kingdom United States Uruguay Venezuela Vietnam Yemen

Hardware and Software, Engineered to Work Together