Date: Thu, 17 Jul 1997 23:07:24 +0200 (METDST)
Message-Id: <199707172107.XAA20366@hs2001.wdf.sap-ag.de>
To: java-security@web2.javasoft.com
From: kitty.yue@sap-ag.de (Kitty Yue)
Subject: FW: About applet security
Hi there,
I appreciate if you can spare a few minutes to clarify a few applet
security issues. I would like to get some insights from you.
As far as I read (from reference books and most of the knowledge
base provided by SUN website), applets are considered to be untrusted by
default for security reason. And the restriction can be relaxed in a
controlled environment:
1) Using Signed Jars
- Currently, HotJava Browser is the only Web Browser that support
signed applets, are
Netscape 4.0 and IE 4.0 or later version going to support this as
well?
2) Intranet
- Is it true that if applet is loaded within the intranet (firewall)
of a company, we can
somehow configure the Web browser/Proxy server to understand that
this is an applet
from within the company intranet and so it can be considered as
'trusted' and
performs activities which is not allowed previously? Can you
suggest some reference
so that I can look into?
Thanks so much for your time,
Kitty Yue
itty.yue@sap-ag.de