On Fri, Feb 10 2017, Roel Janssen wrote
> [ ... ]

I was getting frustrated at not having certificates with java 8 (it's
surprisingly annoying to have to use one environment with java 7 to
download dependencies with maven, then a different environment with java
8 to actually run your program), so I downloaded and tried out your
patch. It seems to work!

But then I wondered, could we just change the generate-keystore phase of
the icedtea-6 package to log a failed certificate import without failing
the build? Then we could move the permissions change there, too, which
would give us a smaller patch that should accomplish a similar result
(attached).