Date: Sun, 27 Jul 1997 17:58:41 -0700
Message-Id: <199707280058.RAA09533@puffin.eng.sun.com>
From: Marianne Mueller <mrm@Eng>
To: Valik@alis.kharkov.ua
Subject: Re: Digital signature
There is a demo on how to create and sign a JAR file, on our web site,
at http://java.sun.com/security/usingJavakey.html
One thing not mentioned in that document is that when you then want to
refer to the signed JAR file in the HTML document that has an applet
tag, use the "archive" attribute like so
<applet code=foo.class archive=foo.jar width=100 height=100>
</applet>
In that example, I'm assuming you created a file named "foo.jar" that
contains "foo.class", and signed the foo.jar file.
There is no formal committee or formal procedure for signing or
registering an applet. Right now, you can use the javakey utility
that is part of the JDK to create your own keys and certificates.
Eventually, the public key infrastructure will evolve so that you can
register online for a certificate for your Java digital key(s).
In general, see these web sites
for Java security, in general
http://java.sun.com/security
for Q&A about Java security
http://jserv.javasoft.com/hypermail/java-security-archive-2/index.html
Marianne