Basic help on signed applets

Richard Evans (rde@tadpole.co.uk)
Thu, 20 Mar 1997 10:43:47 GMT

Date: Thu, 20 Mar 1997 10:43:47 GMT
Message-Id: <199703201043.KAA03100@benny.tadpole.co.uk>
From: Richard Evans <rde@tadpole.co.uk>
To: java-security@java
Subject: Basic help on signed applets

I've been experimenting with signed javakey, signed applets and HotJava and
there seems to be a basic hole in my understanding. I wonder if anyone could
help fill it or point me to some reference materials.

[Go to the paragraph starting BUT to find my problem].

I've been through the javakey documentation and example, and I've done the
following:

. Created myself as a trusted signer:

javakey -cs rde true

. Given myself a key pair:

javakey -gk rde DSA 512

. Made a certificate:

javakey -dc certfile

where certfile is:

# This is a sample certificate directive file.

# the id of the signer
issuer.name=rde

# the cert to use for the signing
issuer.cert=1

# the id of the subject
subject.name=rde

# the components of the X500 name for the subject
subject.real.name=Richard Evans
subject.org.unit=Richard's Applet Factory
subject.org=Tadpole Technology
subject.country=UK

# Various parameters: start and end date for validity and expiration
# of the certificate. Serial number. File to which to output the
# certificate (optional).
start.date=17 Jan 1997
end.date=16 Jan 1998
serial.number=4032
out.file=rde.x509

. Made a simple applet jar file and signed it:

javakey -gs dirfile tru.jar
mv tru.jar.sig tr.jar

where dirfile contains:

# Jar signing directive. This is the directive file used by javakey to
# sign a jar file.

# Which signer to use. This must be in the system's database.
signer=rde

# Cert number to use for this signer. This determines which
# certificate will be included in the PKCS7 block. This is mandatory
# and is 1 based.
cert=1

# Cert chain depth of a chain of certificate to include. This is
# currently not supported.
chain=0

# The name to give to the signature file and associated signature
# block. (i.e. DUKESIGN.SF and DUKESIGN.DSA). This must be 8
# characters or less.
signature.file=rdesig

All OK so far. Now I run HotJava on another system and refer to a page
containing the signed applet:

<applet name="tr" code="trusted.class" archive="tr.jar" width=360 height=200>
</applet>

The applet tries to access a local file and open a socket to localhost. As
expected, both operations fail with security exceptions.

If I go to Edit -> Preferences -> Advanced Security I can see an entry for the
certificate in my jar file. I can change the settings to allow the network
and file access and the applet now runs without the security exceptions.

BUT, this is where I get confused. How can I, the HotJava user, trust this
applet just because it has a signature with my name in it? What stops
somebody else signing an applet with the identical name and organization data?
How can I tell that the signature comes from me and not somebody else?

And if my certificate is signed by someone else, how can I be sure they are
who they claim to be?

The javakey documentation talks about using -ic to import a certificate for a
user. I can do this with my X.509 certificate, but I can't see how to use
this in the HotJava preferences.

Any pointers would be appreciated.

Thanks

Richard

-- 
-------------------------------------------------------------------------------
Richard Evans			 		Telephone : (+44) 1223 428200
Tadpole Technology plc		 		Fax       : (+44) 1223 428203
Cambridge Science Park
Milton Road			 		E-Mail    : rde@tadpole.co.uk
Cambridge, CB4 4WQ, UK
-------------------------------------------------------------------------------
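
The question raised in the message above, as an added example that is not part of the original post and is not javakey or HotJava code: two signers fill in identical name fields, and only the public key, compared by a fingerprint obtained directly from its owner, tells them apart. It uses the standard java.security API (Java 17 or later for HexFormat); the class name, the pinned-fingerprint step and the stand-in jar bytes are assumptions made for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.HexFormat;

public class NameIsNotIdentity {
    // SHA-256 over the encoded public key: a value that can be compared out of band.
    static String fingerprint(PublicKey key) throws GeneralSecurityException {
        byte[] digest = MessageDigest.getInstance("SHA-256").digest(key.getEncoded());
        return HexFormat.of().formatHex(digest);
    }

    static byte[] sign(PrivateKey key, byte[] data) throws GeneralSecurityException {
        Signature s = Signature.getInstance("SHA256withDSA");
        s.initSign(key);
        s.update(data);
        return s.sign();
    }

    static boolean verify(PublicKey key, byte[] data, byte[] sig) throws GeneralSecurityException {
        Signature s = Signature.getInstance("SHA256withDSA");
        s.initVerify(key);
        s.update(data);
        try {
            return s.verify(sig);
        } catch (SignatureException e) {
            return false; // malformed signature encoding counts as a failed check
        }
    }

    public static void main(String[] args) throws GeneralSecurityException {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("DSA");
        gen.initialize(2048);
        // The name fields are free text typed in by whoever creates the certificate.
        String claimedName = "CN=Richard Evans, OU=Richard's Applet Factory, O=Tadpole Technology, C=UK";
        KeyPair original = gen.generateKeyPair();  // key held by the real signer
        KeyPair lookalike = gen.generateKeyPair(); // independent key, same name fields

        // Constructed stand-in for the bytes of the signed jar.
        byte[] jarBytes = "constructed stand-in for tr.jar".getBytes(StandardCharsets.UTF_8);
        byte[] sigOriginal = sign(original.getPrivate(), jarBytes);
        byte[] sigLookalike = sign(lookalike.getPrivate(), jarBytes);

        // Assumption: the fingerprint was recorded when the key came directly from its owner.
        String pinned = fingerprint(original.getPublic());
        System.out.println("claimed name (both signers): " + claimedName);
        System.out.println("fingerprints equal:          " + pinned.equals(fingerprint(lookalike.getPublic())));
        System.out.println("original sig vs pinned key:  " + verify(original.getPublic(), jarBytes, sigOriginal));
        System.out.println("lookalike sig vs pinned key: " + verify(original.getPublic(), jarBytes, sigLookalike));
    }
}
```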