RFR: 8259401: Add checking to jarsigner to warn weak algorithms used in si… [v2]
Rajan Halade
rhalade at openjdk.java.net
Wed Jan 13 18:31:02 UTC 2021
On Wed, 13 Jan 2021 01:21:14 GMT, Hai-May Chao <hchao at openjdk.org> wrote:
>> The jarsigner tool currently provides warning associated with the signer’s cert when it uses weak algorithms, but not for the CA certs. This change is to process the signer’s cert chain to warn if CA certs use weak algorithms.
>
> Hai-May Chao has updated the pull request incrementally with one additional commit since the last revision:
>
> No warning for trusted cert's SHA1, and added debug output to test
Marked as reviewed by rhalade (Reviewer).
-------------
PR: https://git.openjdk.java.net/jdk/pull/2042
More information about the security-dev
mailing list