"When a Signed Java JAR file is not Proof of Trust"

When a Signed Java JAR file is not Proof of Trust

"By default, certificate revocation list check is set to “OFF” and signed Java app are authorized to have privileged accesses…

So conclusion, signed Java app are not a proof of trust if you don’t check revocation lists …."