Thanks all for the input. The most preferred option was
implementation an additional trust store feature that would, if
enabled, disallow the use of expired trust anchors ('b') using the
approach of re-computing the certification path ('2') .
I intend to implement this under QPID-7867 over the nex
+1
* verified the checksums and signatures
* ran apache:rat-check
* built from source distribution artefact and ran all tests (mvn verify)
* ran Joram JMS integration tests against the Java Broker (master and
6.1.4) using the staged Maven artefacts
* ran the Java Broker client/broker system test s