Please review the code change at http://cr.openjdk.java.net/~weijun/8163304/webrev.01/
With this change, "jarsigner -verify -verbose" will print out how a jar was signed. For example, a jar which was signed and timestamped with many weak algorithms will show - Signed by "CN=old" Digest algorithm: MD2 (weak) Signature algorithm: MD2withRSA (weak), 2048-bit key Timestamped by "CN=tsbad1" on Wed Oct 19 07:32:22 UTC 2016 Timestamp digest algorithm: MD2 (weak) Timestamp signature algorithm: SHA1withRSA, 512-bit key (weak) WARNING: The jar will be treated as unsigned, because it is signed with a weak algorithm that is now disabled by the security property: jdk.jar.disabledAlgorithms=MD2, RSA keySize < 1024, DSA keySize < 1024 Thanks Max