RFR[15] 8242060: Add revocation checking to jarsigner

Hai-May Chao hai-may.chao at oracle.com
Fri May 1 16:02:18 UTC 2020


Hi,

With small change added to ‘Usages.java' test, here is the updated webrev:

https://cr.openjdk.java.net/~hchao/8242060/webrev.01/

Thanks,
Hai-May

> On Apr 30, 2020, at 4:29 PM, Hai-May Chao <hai-may.chao at oracle.com> wrote:
> 
> Hi,
> 
> I’d like to request a review for:
> 
> JBS: https://bugs.openjdk.java.net/browse/JDK-8242060
> CSR: https://bugs.openjdk.java.net/browse/JDK-8244046
> Webrev: https://cr.openjdk.java.net/~hchao/8242060/webrev.00/
> 
> The jarsigner command currently does certificate chain validation, but does not check revocation. Users won’t be able to know if the certificates are revoked. This change is to provide an option in jarsigner to enable the revocation check, and to emit progress messages when jarsigner starts network connections to get OCSP responses and CRL.
> 
> Thanks,
> Hai-May
> 
> 
> 



More information about the security-dev mailing list