I'm looking for a resolution to this also. Chainsaw (a log file
viewer from the Logging Services project) has been available via
WebStart from the Logging Services web site for several years but is
signed by one of the developer's personal certificates. It doesn't
seem to fit within the
I'm no expert in signing, but am looking into alternatives. This is
what I've found, so far.
Apache projects sign their distributable artifacts; see
http://www.apache.org/dev/release-signing.html
For artifacts which are Jars, there is another standard for signing
which is supported by Java
Hi Marshall,
When I looked into Java signing and found it to be too burdensome.
There are two basic issues with it that made me think that it wasn't
suitable for use with Apache projects:
1. The certificates are the keys to the kingdom. Whoever has the
ability to use the certificates
Craig L Russell wrote:
Hi Marshall,
When I looked into Java signing and found it to be too burdensome.
There are two basic issues with it that made me think that it wasn't
suitable for use with Apache projects:
1. The certificates are the keys to the kingdom. Whoever has the
ability to use
