RFR: 8259401: Add checking to jarsigner to warn weak algorithms used in si… [v2]
Sean Mullan
mullan at openjdk.java.net
Wed Jan 13 20:29:05 UTC 2021
On Wed, 13 Jan 2021 01:21:14 GMT, Hai-May Chao <hchao at openjdk.org> wrote:
>> The jarsigner tool currently provides warning associated with the signer’s cert when it uses weak algorithms, but not for the CA certs. This change is to process the signer’s cert chain to warn if CA certs use weak algorithms.
>
> Hai-May Chao has updated the pull request incrementally with one additional commit since the last revision:
>
> No warning for trusted cert's SHA1, and added debug output to test
Marked as reviewed by mullan (Reviewer).
-------------
PR: https://git.openjdk.java.net/jdk/pull/2042
More information about the security-dev
mailing list