The JNLP Specification requires, in section 5.4 defining a signed application:
An application launched by a JNLP Client is considered to be signed, if and only if:
All the JAR files are signed (both for jar and nativelib elements) and can be verified. A JAR file is signed if all the entries (excluding manifest entries, the signature itself, and empty directories) are signed by a single signature.
The final "by a single signature" should be removed.
Although it is worthwhile to recommend that all JARs in a JNLP file be signed by a common signer, enforcing this has no value, costs a great deal of overhead, and in fact has never been fully implemented in Java Web Start (non-cached lazy JARs are not checked, see JDK-6898733).
For these reasons it would be best to change the requirement in the JNLP spec to a recommendation.
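
An added example, not part of the original report and not Java Web Start's code: one way to test a single JAR against the "by a single signature" wording quoted above, using the standard java.util.jar API. The class and method names are hypothetical, and skipping every directory and every META-INF/ entry is a simplification of the spec's exclusions.

```java
import java.io.IOException;
import java.io.InputStream;
import java.security.CodeSigner;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;
import java.util.jar.JarEntry;
import java.util.jar.JarFile;

public class JarSignerCheck {  // hypothetical name, not a JDK or Web Start class
    /**
     * Returns the signers that cover every checked entry of the JAR.
     * An empty set means an entry is unsigned or no one signer covers them all.
     */
    static Set<CodeSigner> commonSigners(String path) throws IOException {
        Set<CodeSigner> common = null;
        // verify=true: reading an entry throws SecurityException on a digest mismatch
        try (JarFile jar = new JarFile(path, true)) {
            for (JarEntry e : Collections.list(jar.entries())) {
                // Assumption: skip all directories and all of META-INF/ (manifest, .SF, .RSA ...)
                if (e.isDirectory()
                        || e.getName().regionMatches(true, 0, "META-INF/", 0, 9)) {
                    continue;
                }
                // Signers are only known once the entry has been read to the end
                try (InputStream in = jar.getInputStream(e)) {
                    byte[] buf = new byte[8192];
                    while (in.read(buf) != -1) { /* drain to trigger verification */ }
                }
                CodeSigner[] signers = e.getCodeSigners();
                if (signers == null) return Collections.emptySet();  // unsigned entry
                Set<CodeSigner> mine = new HashSet<>(Arrays.asList(signers));
                if (common == null) common = mine; else common.retainAll(mine);
                if (common.isEmpty()) return common;  // no single signer covers all entries
            }
        }
        return common == null ? Collections.<CodeSigner>emptySet() : common;
    }

    public static void main(String[] args) throws IOException {
        if (args.length != 1) { System.err.println("usage: JarSignerCheck <jar>"); return; }
        Set<CodeSigner> s = commonSigners(args[0]);
        System.out.println(s.isEmpty() ? "no single signer covers all entries"
                                       : "common signers: " + s.size());
    }
}
```

Every entry has to be read in full before its signers are available, which is the overhead the report refers to when the check is applied to JARs that would otherwise be loaded lazily.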