Date: Thu, 20 Mar 1997 10:43:47 GMT
Message-Id: <199703201043.KAA03100@benny.tadpole.co.uk>
From: Richard Evans <rde@tadpole.co.uk>
To: java-security@java
Subject: Basic help on signed applets
I've been experimenting with signed javakey, signed applets and HotJava and
there seems to be a basic hole in my understanding. I wonder if anyone could
help fill it or point me to some reference materials.
[Go to the paragraph starting BUT to find my problem].
I've been through the javakey documentation and example, and I've done the
following:
. Created myself as a trusted signer:
    javakey -cs rde true
. Given myself a key pair:
    javakey -gk rde DSA 512
. Made a certificate:
    javakey -dc certfile
where certfile is:
    # This is a sample certificate directive file.
    # the id of the signer
    issuer.name=rde
    # the cert to use for the signing
    issuer.cert=1
    # the id of the subject
    subject.name=rde
    # the components of the X500 name for the subject
    subject.real.name=Richard Evans
    subject.org.unit=Richard's Applet Factory
    subject.org=Tadpole Technology
    subject.country=UK
    # Various parameters: start and end date for validity and expiration
    # of the certificate. Serial number. File to which to output the
    # certificate (optional).
    start.date=17 Jan 1997
    end.date=16 Jan 1998
    serial.number=4032
    out.file=rde.x509
. Made a simple applet jar file and signed it:
    javakey -gs dirfile tru.jar
    mv tru.jar.sig tr.jar
where dirfile contains:
    # Jar signing directive. This is the directive file used by javakey to
    # sign a jar file.
    # Which signer to use. This must be in the system's database.
    signer=rde
    # Cert number to use for this signer. This determines which
    # certificate will be included in the PKCS7 block. This is mandatory
    # and is 1 based.
    cert=1
    # Cert chain depth of a chain of certificate to include. This is
    # currently not supported.
    chain=0
    # The name to give to the signature file and associated signature
    # block. (i.e. DUKESIGN.SF and DUKESIGN.DSA). This must be 8
    # characters or less.
    signature.file=rdesig
All OK so far. Now I run HotJava on another system and refer to a page
containing the signed applet:
    <applet name="tr" code="trusted.class" archive="tr.jar" width=360 height=200>
    </applet>
The applet tries to access a local file and open a socket to localhost. As
expected, both operations fail with security exceptions.
If I go to Edit -> Preferences -> Advanced Security I can see an entry for the
certificate in my jar file. I can change the settings to allow the network
and file access and the applet now runs without the security exceptions.
BUT, this is where I get confused. How can I, the HotJava user, trust this
applet just because it has a signature with my name in it? What stops
somebody else signing an applet with the identical name and organization data?
How can I tell that the signature comes from me and not somebody else?
And if my certificate is signed by someone else, how can I be sure they are
who they claim to be?
The javakey documentation talks about using -ic to import a certificate for a
user. I can do this with my X.509 certificate, but I can't see how to use
this in the HotJava preferences.
Any pointers would be appreciated.
Thanks
Richard
--
-------------------------------------------------------------------------------
Richard Evans                   Telephone : (+44) 1223 428200
Tadpole Technology plc          Fax       : (+44) 1223 428203
Cambridge Science Park
Milton Road                     E-Mail    : rde@tadpole.co.uk
Cambridge, CB4 4WQ, UK
-------------------------------------------------------------------------------
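
Added example, not part of the original message: a sketch of why the name fields in a self-signed certificate cannot be the basis for trust, and of checking a certificate against a fingerprint obtained from the signer over a separate channel. It assumes the openssl command-line tool and RSA keys in place of javakey and DSA; the function names are hypothetical and every key and certificate is constructed on the spot.

```shell
#!/bin/sh
# Constructed demo: throwaway keys and certificates in a temp directory.
# The subject fields are the ones from the certificate directive file above.
SUBJ="/C=UK/O=Tadpole Technology/OU=Richard's Applet Factory/CN=Richard Evans"

# make_cert PREFIX: new RSA key pair plus a self-signed certificate for $SUBJ.
make_cert() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 -subj "$SUBJ" \
        -keyout "$1.key" -out "$1.pem" 2>/dev/null
}

# The name fields are whatever the creator of the certificate typed in.
subject_of() { openssl x509 -in "$1" -noout -subject; }

# SHA-256 over the whole DER certificate, public key included.
fingerprint_of() {
    openssl x509 -in "$1" -noout -fingerprint -sha256 | cut -d= -f2
}

# is_trusted CERT PINNED: true only if CERT matches a fingerprint that the
# verifier obtained from the real signer over a separate channel.
is_trusted() { [ "$(fingerprint_of "$1")" = "$2" ]; }

demo() {
    dir=$(mktemp -d) || return 1
    make_cert "$dir/genuine" && make_cert "$dir/lookalike" \
        || { rm -rf "$dir"; return 1; }
    # Stands in for the value received out of band.
    pinned=$(fingerprint_of "$dir/genuine.pem")
    for c in genuine lookalike; do
        printf '%s\n  %s\n  %s\n' "$c" "$(subject_of "$dir/$c.pem")" \
            "$(fingerprint_of "$dir/$c.pem")"
        if is_trusted "$dir/$c.pem" "$pinned"; then
            echo "  -> accepted (fingerprint matches pin)"
        else
            echo "  -> rejected (same name, different key)"
        fi
    done
    rm -rf "$dir"
}

demo
```

Both certificates print the same subject line; only the fingerprint tells them apart, which is why a verifier compares that value (or relies on a chain to an issuer it already trusts) instead of the displayed name.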