Re: Clarification

Gigi Ankeny (Gigi.Ankeny@Eng)
Wed, 19 Nov 1997 08:59:20 -0800 (PST)

Date: Wed, 19 Nov 1997 08:59:20 -0800 (PST)
From: Gigi Ankeny <Gigi.Ankeny@Eng>
Subject: Re: Clarification
To: java-security@web2.javasoft.com, sriks@its.soft.net

Hi,

In order for an applet to access the local resources where it has been
downloaded, the local machine should have given the trust for it to do that.
In other words, someone has to add the applet's signer to the local
trust database.

for more information on signed applets:
http://java.sun.com/security
http://java.sun.com/security/signExample/

if you're using netscape, you must use their code signing facilities:
http://developer.netscape.com/software/signedobj/index.html

Hope that helps,

Gigi Ankeny

> From: "Srikanth. S." <sriks@its.soft.net>
> To: "'java-security@java.sun.com'" <java-security@web2.javasoft.com>
> Subject: Clarification
> Date: Wed, 19 Nov 1997 10:44:54 +0530
> Mime-Version: 1.0
> Content-Transfer-Encoding: quoted-printable
>
> Hi
>
> I have a clarification. Can u suggest some documentation on this.
>
> I have created a digitally signed JAR file using JavaKey. I am able to access
local resources from my machine since the .ob file contains the key. I am using
the Duke key given in the example. How can the same JAR file be used by another
computer through HTTP ( ie., class loader ) and access their local resources.
>
> ie., how will the class loader in that machine identify this digital
signature. Does it mean, i have to manually add it to their list.
>
> When i try from other machine, its not able to access. Where can i find
documentation on downloading and using trusted applets on the fly.
>
> Your help will be kindly solicited.
>
> Thanks & Regards
>
> Srikanth. S.