logging-log4j-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Scott Deboy <scott.de...@gmail.com>
Subject Re: Companions -> Chainsaw?
Date Tue, 04 Oct 2011 17:44:13 GMT
We need a code signing certificate that is trusted by a root cert auth, and
use that cert to sign the jars - I would prefer the ASF handle this.

See
http://download.oracle.com/javase/6/docs/technotes/guides/javaws/developersguide/faq.html

Scott


On Tue, Oct 4, 2011 at 10:32 AM, Christian Grobmeier <grobmeier@gmail.com>wrote:

> > http://logging.apache.org/chainsaw/download.html - by clicking on the
> 'Java
> > Web Start' link, Chainsaw will download, install and run..
> >
> > To update the version of Chainsaw we provide via Web Start, we need to
> sign
> > the jars, since Chainsaw writes to the local file system, can initiate
> > socket connections, etc, and Web Start only allows that if the jars are
> > signed and the person oks the access..It seems Apache should have a cert
> for
> > signing jars, instead of having to do this ourselves..
>
> Is any pgp key fine to sign or should it be one with a trusted
> identiy, like "this software was developed by the ASF" and so on?
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: log4j-dev-unsubscribe@logging.apache.org
> For additional commands, e-mail: log4j-dev-help@logging.apache.org
>
>

Mime
View raw message