DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=26083>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=26083 ------- Additional Comments From [EMAIL PROTECTED] 2006-04-26 13:37 ------- >> (b) somehow treating security stuff specially and doing the correct merging >> so >> that packages/classes that were signed in the source are still signed in the >> merged file. >Seems to be problematic, because a signed jar must be signed at the whole and >can not be signed partially with different signers, as I know. Correct? I think you are actually signing packages, not JARs. That's why there is no test <issigned jar="something" /> that checks the signature of a "JAR". I'd need to check with our security person, who is away this week. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
