Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8027135

[regression] Applications with Permissions attribute signed with expired certificate are blocked on High security level

XMLWordPrintable

    • b03
    • b05
    • generic
    • generic
    • Verified

        The latest UE flow for 7u51: http://aseng-wiki.us.oracle.com/asengwiki/display/ASUsability/Summary+of+Tighter+JRE+Security+Dialogs#SummaryofTighterJRESecurityDialogs-JDK7u51%28Jan2014%29
        introduces (for the first time) differant behavior for self-signed cert as for expired cert.
        The implementation treats them the same, as SecuritySettings.isExpiredAllowed() simply returns the value for isSelfSignedAllowed(). This was OK in past (since value was always the same) but now we need to have seperate entry in the table for self signed and expired, since their behavior is no longer the same at all security levels.

          1. java.policy
            0.0 kB
            Denis Vodopyanov

              herrick Andy Herrick (Inactive)
              dvodopya Denis Vodopyanov (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

                Created:
                Updated:
                Resolved: