[icedtea-web] RFC: PR771: IcedTea-Web certificate verification code does not use the right API
Deepak Bhole
dbhole at redhat.com
Tue Aug 9 14:38:15 PDT 2011
* Danesh Dadachanji <ddadacha at redhat.com> [2011-08-09 17:27]:
> Hi,
>
> Looks good to me. Tested it with a few JNLPs from the
> IcedTea-Web-Tests wiki page too.
>
> Okay for HEAD.
>
Thanks! Committed.
Cheers,
Deepak
> Regards,
> Danesh
>
> On 09/08/11 05:18 PM, Deepak Bhole wrote:
> >Hi,
> >
> >Attached patch fixes an issue Danesh found whereby certificates using
> >a different signature algorithm than the certificate in the store are
> >marked untrusted even when they shouldn't be.
> >
> >Okay for HEAD?
> >
> >ChangeLog:
> >2011-08-09 Deepak Bhole<dbhole at redhat.com>
> >
> > PR771: IcedTea-Web certificate verification code does not use the right
> > API
> > * netx/net/sourceforge/jnlp/security/CertificateUtils.java
> > (inKeyStores): Use Certificate.verify to correctly verify a certificate
> > against a public key in the store.
> >
> >Cheers,
> >Deepak
More information about the distro-pkg-dev
mailing list