Date: Wed, 30 Jul 1997 11:27:50 -0700
Message-Id: <199707301827.LAA10554@puffin.eng.sun.com>
From: Marianne Mueller <mrm@Eng>
To: dascnl!tbr@relay.NL.net
Subject: Re: Problem with using system eventqueues

When you say system event queue, do you mean the JVM event queue, or
something that is part of the underlying OS?

In general, downloaded applets in JDK 1.1 (up through JDK 1.1.3, the
current release) are restricted in what they can do, to protect the
client (the computer where the browser is running.) It wouldn't be
a good idea to let any downloaded applet insert or delete events from
the event queue.

Your initial instinct is right - signed applets would help solve
this. One problem with the Java digital signatures is that right
now, support for the standard java signatures isn't integrated into
the most-used Java-enabled browsers, although it is supported in
HotJava. You might try experimenting with HotJava, which also
supports some level of finer grain access control for signed applets
(so that it isn't "all or nothing.") HotJava is at
http://java.sun.com/products/HotJava

In the next major release of the JDK, we will have support for fine
grain access control integrated into the JDK. This will solve your
problem since you'll be able to assign selective access to particular
Java code. You'll be able to assign access based on the URL where the
code came from, or the public key that signed the code, or both, or
neither, so that will be flexible enough to let people establish
selective access while we all wait for the Public Key Infrastructure
and related tools to catch up. Signing is a very attractive solution,
but there are a lot of details that the industry is still hammering
out, to do with interoperability, and online certificate authorities,
and the rest.

Marianne
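
The four ways of assigning access that the message describes (by URL, by signing key, by both, by neither), written in the policy-file syntax that shipped with JDK 1.2. This is an added example, not part of the original message; the keystore path, the alias trusted-signer and the example.com URLs are constructed placeholders.

```java
// Java policy file (read by the JDK 1.2+ default Policy), not Java source.
// Constructed sample: keystore path, signer alias and URLs are placeholders.

// Keystore that holds the certificate for the "trusted-signer" alias.
keystore "file:/home/user/.keystore";

// URL only: any code loaded from under this codebase, signed or not.
// A trailing "/-" matches everything below the directory, recursively.
// This trusts the origin and the network path to it, nothing else.
grant codeBase "https://apps.example.com/internal/-" {
    permission java.util.PropertyPermission "user.name", "read";
};

// Signer only: code signed by this key, wherever it was loaded from.
grant signedBy "trusted-signer" {
    permission java.io.FilePermission "${user.home}/applet-data/-", "read";
};

// Both: the narrowest grant. Event-queue access, the capability asked
// about in this thread, goes only to code that is signed by the key
// AND served from the expected location.
grant signedBy "trusted-signer", codeBase "https://apps.example.com/internal/-" {
    permission java.awt.AWTPermission "accessEventQueue";
};

// Neither: applies to all code, so keep it to harmless permissions.
grant {
    permission java.util.PropertyPermission "java.version", "read";
};
```

Permissions are additive across every grant entry that matches, so code matching the combined entry also receives what the broader entries give.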