JSECURITY Issue: Signing applets

Samuel Chen (tom@Intelisys.net)
Sun, 22 Nov 1998 17:55:41 GMT

Name: Thomas Crawley
Email: tom@Intelisys.net
Organization: Intelisys
Phone Number: 212 638 8616
Location: North America
System: Win95
Referring URL: http://www.javasoft.com/features/1998/11/jdk.security.html

Hi,

Signing applets...

The articles on Code Signing exclusively refer to Solaris-UNIX environments.

Please be less platform specific and address yourself to Windows based environments..

Is it possible to download a signed JAR file from the intranet to the Java plugin and allow the user to authenticate the Jar and grant permissions to the applet instantly without having to put files in their home directory (which they may not be able to
do) or edit local files prior to downloading the applet ?

I do not want users to have to run policytool on their machines before they can use the applet.

It is claimed in some articles that it is possible to centrally locate the signatures or configure the plugin etc so that when the plugin is downloaded the plugin
authenticates applets at a central location for access to client system ?

How is this done in a Windows Environment ?

Is there any way to give the applet access outside the sandbox without having the user perform client side configuration ?

Please make this information publicly available.

I can do this with CAB files on IE. Can I do it with JAR files on Java Plugin ?

Do I have to use CAB files to do this ?

Thanks

Tom