On Tue, 20 Sep 2022 17:37:50 GMT, Alan Bateman <al...@openjdk.org> wrote:
>>> > OK, will make another pass at this today >>> >>> I looked at the latest draft >>> ([2bafc00](https://github.com/openjdk/jdk/commit/2bafc00cc462b7af3f724371ac1bef5fd99c989c)). >>> I think it would help if the section "Verifying a JarInputStream" were >>> renamed to "Signed JAR files". >> >> OK, I will change as you suggest >> >> The link to getManifest makes the reader wonder if they have to call this >> method whereas I think what you want to say that the manifest must be at the >> start of the stream (as per the first section) and then followed by >> signature entries. >> >> The reason I used the getManifest wording is I felt it was easier and less >> redundant than copying the wording about the Manifest needing to be either >> the first or second entry (assuming META-INF/ is the first in the stream). >> However if you prefer that, I will make that change. > > Thanks for the updates in 69138715. Just one comment on the updated text, > and specifically this sentence: > > + * A {@code JarInputStream} may be used to verify the signatures of a > + * <a href="{@docRoot}/../specs/jar/jar.html#signed-jar-file">signed JAR > file</a> > + * assuming the following requirements are met: > > The signatures are verified by default so I think you can reduce this down to: > > A {@code JarInputStream} verifies the signatures of entries in a <a > href="{@docRoot}/../specs/jar/jar.html#signed-jar-file">Signed JAR file</a> > when: > > We could say that a program could opt-out of verification by using the 2-arg > constructor but that is probably too much to try to fit in here. > Thanks for the updates in > [6913871](https://github.com/openjdk/jdk/commit/691387157f01602ee25a1887223e00f880d071d1). > Just one comment on the updated text, and specifically this sentence: > > * * A {@code JarInputStream} may be used to verify the signatures of a > * * [signed JAR file]({@docRoot}/../specs/jar/jar.html#signed-jar-file) > * * assuming the following requirements are met: > > The signatures are verified by default so I think you can reduce this down to: > > A {@code JarInputStream} verifies the signatures of entries in a [Signed JAR > file]({@docRoot}/../specs/jar/jar.html#signed-jar-file) when: > > We could say that a program could opt-out of verification by using the 2-arg > constructor but that is probably too much to try to fit in here. Updated per your suggestion above. ------------- PR: https://git.openjdk.org/jdk/pull/10045