P3
This is a follow-up issue to JDK-8026746 to address the messaging issue.
The issue in a nutshell:
When a jar is signed with jarsigner from 1.4 or earlier it does not properly sign resources in META-INF, this is considered a bug and any jar that is signed this way is considered invalid for security reasons. When an applet attempts to use such an invalidly signed jar, the deployment runtime will refuse to load it with no indication to the end user why it failed to load. We need some means of letting end users know why the application failed to load, rather than just quietly refusing to load the applet.
The issue in a nutshell:
When a jar is signed with jarsigner from 1.4 or earlier it does not properly sign resources in META-INF, this is considered a bug and any jar that is signed this way is considered invalid for security reasons. When an applet attempts to use such an invalidly signed jar, the deployment runtime will refuse to load it with no indication to the end user why it failed to load. We need some means of letting end users know why the application failed to load, rather than just quietly refusing to load the applet.