Date: Mon, 27 Apr 1998 09:57:40 -0700 (PDT)
From: Hemma Prafullchandra <Hemma.Prafullchandra@Eng>
Subject: Re: Informations
To: java-security@web2.javasoft.com, florio@CS.UniBO.IT
--> Hello,
--> i'm an italian students and i need some informations about signed applet.
--> I'm working on applet and security for my degree.
--> I made an applet whose files are in a package.
--> I 'd like to know how i can sign this applet.
You have to create a jar file with the classes you need and
then sign that using javakey.
--> I read that the signer has to get a certificate. How can i get the
certificate?
javakey allows you to create a self-signed certificate. You can
use that for test purposes. If you really want to distribute
the signed jar then you should get a certificate from a public CA,
like www.thawte.com or www.verisign.com.
--> Is it free?
That depends on the type of certificate you choose.
--> Can i use the javakey tool for this porpouse?
yes, but it is not recommended for real distribution as establishing
trust is harder.
--> I read you typically get a certificate from an independent Certificate
Authority
--> if you want to sign software that will be distributed over the Internet.
--> Please give more details about this.
--> Thanks
--> Licia Florio
Check out the above urls.
Hope this helps,
Hemma