Signing jar will cause some side effects which may not be convinent for people who don't need webstart at all. So we want to avoid sign jars and force everyone to use signed version. If you want to deploy in webstart, you can jar jide jars together with your jar and sign them altogether.
You're response confused me a little. Let me restate my question.
Jide does not want to sign their jar files. It is OK under the license agreement for me to sign the jar files with my certificate. Is this correct? Can you point me to where the license says this is OK?
Sorry for the confusion. All I was saying is we don't want to sign our jars in the release package. If you want to sign it, feel free to do so.
Here is the sentense under 3.D in the EULA.
"You may reformat or recombine the original distribution format of redistributables provided by JIDE. However JIDE will not support or have any liability for such use. "
This term will allow you to combine six jide jars into one big jide jar or combine them into your own jar, not to mention you just sign them.
As I mentioned, people sometimes combine our jars into their own jar or remove classes from jars because of they want to limit the jar size. If so, they have to break the signature first. It's just an extra step we tried to avoid. In fact we have no business/technical need to sign jars, why bother.