Uploaded image for project: 'Infrastructure'
  1. Infrastructure
  2. INFRA-11020

Apache River Project - X509 code signing certificates for jar files

    XMLWordPrintableJSON

    Details

    • Type: Planned Work
    • Status: Closed
    • Priority: Minor
    • Resolution: Done
    • Fix Version/s: Jul 2016
    • Component/s: Codesigning
    • Labels:
      None

      Description

      Apache River is currently reliant on insecure protocols such as MD5 for jar file integrity validation.

      Apache River provides service implementations that have jar files that clients must download. If we sign these jar files, it will make it easier for users to make permission grants in policy files.

        Attachments

          Activity

            People

            • Assignee:
              markt Mark Thomas
              Reporter:
              pfirmst Peter Firmstone
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: