trusted identities

Mark Bordas (Mark.Bordas@East)
Tue, 29 Apr 1997 16:24:48 -0400 (EDT)

Date: Tue, 29 Apr 1997 16:24:48 -0400 (EDT)
From: Mark Bordas <Mark.Bordas@East>
Subject: trusted identities
To: java-security@web2.javasoft.com

I noticed that in order for a signed applet to run, the identity
must be trusted - even if the certificate is not self-signed
and the issuer *is* trusted. In other words, all identities
must be trusted, and who the issuer is is irrelevant. Is this
intentional or likely to change at some point in the future?

mark