Releases: elbosso/rfc3161timestampingserver
Java_17_Javalin_4
This release marks a moderate step forwards regarding up-to-date software: The release on the main branch now demands Java version 17 or higher. All docker files in the project use base images with some version of Java 17 accordingly, as does the CI/CD pipeline.
There still is a branch with the now deprecated Java 11 version.
Also, the framework Javalin - on which this solution is based - is pushed to a newer version: version 4.
There are no feature upgrades in this release.
Automated Tests
This release includes not only automated unit tests but also automated integration tests and automated architecture tests
Unit-Tests
This release is the first with public unit-tests. Some of the tests are only performed if there is suitable crypto material available
Feature-wise - this is the first release to allow to include not only the full certificate chain in the timestamp response but also all associated CRLs.
Full chain included in replies
Prior to this version, the replies always only contained the certificate of the signer - never any certificates of root or intermediary CAs. This was all well and good as the server offered the chain certificates as a separate download - so if one needed those to verify a timestamp, they were close at hand. And individual timestamps did not need this much bandwidth to begin with.
However, many tools bothered end users with warnings about being unable to fully verify the PKIX-chain or something of that kind (looking at you, jarsigner
!). Therefore - this release gives the administrator the choice: Either keep the operation as it was before or set the new environment variable de.elbosso.tools.rfc3161timestampingserver.App.includeFullChain
to true
- this changes things insofar as now every timestamp generated contains all certificate in the chain - starting from the signing certificate up to and including the root certificate.
This change is backward compatible - any already issued timestamps are still valid. However, if the administrator decides to change the behaviour to include the chain certificates, timestamps issued before that switch is made naturally will only contain the signers certificate - there is no conversion of older timestamps - after all - how could it be?
no more log4j!
rfc3161timestampingserver-1.2.0 [maven-release-plugin] copy for tag rfc3161timestampingserver-1.2.0
Fix for Issue #11
rfc3161timestampingserver-1.1.0 [maven-release-plugin] copy for tag rfc3161timestampingserver-1.1.0
automated maven release management
rfc3161timestampingserver-1.0.0 [maven-release-plugin] copy for tag rfc3161timestampingserver-1.0.0
armhf ready
It features Dockerfiles not only for standard x86 architectures but also for armhf as for example needed when using docker on a Raspberry Model 3...
production ready prototype final pre-alpha
turn prototype into production ready by making it possible to search for timestamps and by issuing real serial numbers
initial release
1.0.0 fixes #3