Re: Applet security

Marianne Mueller (Marianne.Mueller@Eng)
Wed, 10 Jun 1998 16:52:36 -0700 (PDT)

Date: Wed, 10 Jun 1998 16:52:36 -0700 (PDT)
From: Marianne Mueller <Marianne.Mueller@Eng>
Subject: Re: Applet security
To: java-security@web1.javasoft.com, Marie.G.Ricketts@Dartmouth.EDU

> I can't get either case to work in HotJava. The
> Hotjava/UsersGuide/dev_security.html states that "If you mark a
> certificate as "trusted" using the JDK's javakey utility, applets
> running on your machine that are signed with that certificate are
> treated by your system as if they are trusted local application code.
> These applets will not be subject to any security manager controls you
> set in the HotJava Browser. "
>
> I interpret that I should not set any applet security in HotJava.

The example works for me with HotJava. What version of HotJava are you
using? Use the Help->About menu item to bring up the release page.

I don't know of any good books about JDK 1.1 security. Apart
from java.sun.com/security, there's also java.sun.com/sfaq, and for 1.2,
http://java.sun.com/products/jdk/1.2/docs/guide/security/index.html