RFR[15] 8242060: Add revocation checking to jarsigner
Hai-May Chao
hai-may.chao at oracle.com
Thu Apr 30 23:29:48 UTC 2020
Hi,
I’d like to request a review for:
JBS: https://bugs.openjdk.java.net/browse/JDK-8242060
CSR: https://bugs.openjdk.java.net/browse/JDK-8244046
Webrev: https://cr.openjdk.java.net/~hchao/8242060/webrev.00/
The jarsigner command currently does certificate chain validation, but does not check revocation. Users won’t be able to know if the certificates are revoked. This change is to provide an option in jarsigner to enable the revocation check, and to emit progress messages when jarsigner starts network connections to get OCSP responses and CRL.
Thanks,
Hai-May
More information about the security-dev
mailing list