RFR 8163304: jarsigner -verbose -verify should print the algorithms used to sign the jar
Bernd Eckenfels
ecki at zusammenkunft.net
Wed Oct 19 20:30:09 UTC 2016
Am Wed, 19 Oct 2016 16:13:24 -0400
schrieb Sean Mullan <sean.mullan at oracle.com>:
> 150 "The jar will be treated as unsigned, because it
> is signed with a weak algorithm that is now disabled.\n\nRe-run
> jarsigner with the -verbose option for more details."},
I also wondered: what if there are multiple signatures. So a "because
it is signed only with weak algorithms" might be better?
Gruss
Bernd
More information about the security-dev
mailing list