Re: Digital signature

Marianne Mueller (mrm@Eng)
Sun, 27 Jul 1997 17:58:41 -0700

Date: Sun, 27 Jul 1997 17:58:41 -0700
Message-Id: <199707280058.RAA09533@puffin.eng.sun.com>
From: Marianne Mueller <mrm@Eng>
To: Valik@alis.kharkov.ua
Subject: Re: Digital signature

There is a demo on how to create and sign a JAR file, on our web site,
at http://java.sun.com/security/usingJavakey.html

One thing not mentioned in that document is that when you then want to
refer to the signed JAR file in the HTML document that has an applet
tag, use the "archive" attribute like so

<applet code=foo.class archive=foo.jar width=100 height=100>
</applet>

In that example, I'm assuming you created a file named "foo.jar" that
contains "foo.class", and signed the foo.jar file.

There is no formal committee or formal procedure for signing or
registering an applet. Right now, you can use the javakey utility
that is part of the JDK to create your own keys and certificates.
Eventually, the public key infrastructure will evolve so that you can
register online for a certificate for your Java digital key(s).

In general, see these web sites

for Java security, in general
http://java.sun.com/security

for Q&A about Java security
http://jserv.javasoft.com/hypermail/java-security-archive-2/index.html

Marianne