DSS 4.7.RC2

1 year ago

The release contains :

  • Bundle for demonstration
  • Source code

1) Source code is located at https://github.com/esig/dss. Contributions can be proposed at https://github.com/esig/dss/pulls.

2) The artefacts are published on both Joinup DSS project page and Joinup Maven repository https://joinup.ec.europa.eu/nexus/content/groups/public/.

3) Issues, bugs or feature requests can be submitted at https://esig-dss.atlassian.net/projects/DSS. More information on https://joinup.ec.europa.eu/asset/sd-dss/topic/how-use-jira.

4) A demonstration web application for signing a document and verifying a signature can be found at https://joinup.ec.europa.eu/sd-dss/webapp-demo.

Release Notes


  • [DSS-806] - CommonsDataLoader.java doesnt call httpClient.close();
  • [DSS-883] - TSLValidationJob refresh method does not revalidate country TSLs if only the LOTL changed
  • [DSS-890] - SimpleReport.isSignatureValid(String) fails to handle the new {{TOTAL_PASSED}} indication in 4.7.RC1
  • [DSS-893] - The pre-defined EU TSL signers from the EU TSL signers trust store in the DSS Demo Web Application (keystore.p12) cannot be deleted
  • [DSS-895] - Validation of a signature can influence the validation result of another signature
  • [DSS-915] - Fix detecting signature qualification level based on TL information (QSCD/SSCD check)
  • [DSS-918] - Validation fails for document with revoked signing certificate when ValidationLevel is set to LONG_TERM_DATA, but succeeds when ValidationLevel is ARCHIVAL_DATA
  • [DSS-922] - OCSP revocation errors are not included in simple report


  • [DSS-912] - DSS 4.7.RC1 does not build with JDK 7
  • [DSS-931] - Detection of out-dated dss keystore