What does it matter whether sun gives jboss the j2ee rubber stamp when jboss has security bugs so severe that they look like something out of a microsoft mail product?
Have a look for yourself...
http://www.jboss.org/forums/thread.jsp?forum=49&thread=20990&message=3740430&q=#3740430I was an enthusiastic supporter of jboss for a long time but this stuff will never get past a security audit. Thus,these holes give companies far more reason to condemn it than lack of certification would otherwise. My company doesn't really care about the certification per se, but we do care about security.