Re: Query on Applet security

Charlie Lai (Charlie.Lai@Eng)
Wed, 12 Nov 1997 16:17:52 -0800 (PST)

From: Charlie.Lai@Eng (Charlie Lai)
Message-Id: <199711130017.QAA11190@angeles.eng.sun.com>
Subject: Re: Query on Applet security
To: jasmin@fsl.fujitsu.com.sg (Jasmin Shanawaz)
Date: Wed, 12 Nov 1997 16:17:52 -0800 (PST)
In-Reply-To: <27F25F84850@csdc.fujitsu.com.sg> from "Jasmin Shanawaz" at Nov 10, 97 10:15:20 am

hi,

> I am currently trying to write a Java applet that can make network
> connections to hosts other than its originating host. I am thinking
> of implementing the signed trusted applet facility that is provided
> in JDK 1.1. However I am having difficulty in locating the
> information on how to do that in the JDK 1.1 documention at the home
> page of javasoft. Can you tell me the site where I can have this
> information.

for information on signed applets in JDK 1.1.x:
http://java.sun.com/security
http://java.sun.com/security/signExample/
this will allow you to perform your task using appletviewer.

if you're using netscape, you must use their code signing facilities:
http://developer.netscape.com/software/signedobj/index.html

> I have read about the fine-grined access control that
> will be coming out soon in JDK 1.2. May I know how the second
> approach will differ from the one in JDK 1.1 ?

for information on the JDK 1.2 security model check out
the papers, FAQs, and presentations at:
http://java.sun.com/security

charlie