On 30/06/2020 14:51, Seán Coffey wrote:

:

During the CSR review, a suggestion was made to have jarsigner preserve such attributes by default. Warnings about these attributes will also be added during signing and verify operations (if detected).

Yes, signing should be additive so the original proposal to drop information from the UNIX extra block would be surprising. The intersection of those using zip/other tools to create zip files and then signing them with jarsigner is probably small but it would still be confusing for signing to lose information. Having jarsigner refuse to sign these zip files by default, with an option to override, would be a reasonable approach. The current proposal to print a warning seems okay too.

I've skimmed through webrev.8218021.v5 which has this warning:

"POSIX file permission attributes detected. Note that these attributes are unsigned and not protected by the signature."

I realize you've agreed this with the other Reviewers but I think that "Note that these attributes are unsigned ..." is confusing as it could be interpreted to mean that they have to be signed by some other means, or even that the warning is because they are using unsigned values.

It might be better to tweak the second part to make it a bit clearer, up to you but something like "These attributes are ignored when signing and are not protected by the signature".

-Alan
