When signing, I think we should always print when the timestamp will
expire, even if it is 10 years from now. For the warning, I would bump
it up 6 months to a year. (It could potentially be more than this - a
fresh timestamp ideally should be good for > 5 years in my opinion).
Perhaps we don't
Hi All
Please take a look at http://cr.openjdk.java.net/~weijun/8191438/webrev.00/.
Regression tests not added yet. I'd like to hear your comments on the output
format.
Major changes:
1. New flags hasExpiringTsaCert and hasExpiredTsaCert for TSA cert chain. They
are set and used similar to fl