Signed applets

GOOD NEWS

• JDK 1.1 now includes packages implementing digital signatures

  • JAR signature package

• Signed applets can be given more privilege

• Along with access control, this is the future of executable content

BAD NEWS

• Different levels of trust must be carefully managed

• Signing everything is BAD

• Implementation is complicated, leaving room for mistakes

  • code signing security hole

Previous slide

Next slide

Back to first slide

View graphic version