Re: Trusted Applet Question

Charlie Lai (Charlie.Lai@Eng)
Tue, 31 Mar 1998 15:50:39 -0800 (PST)

From: Charlie.Lai@Eng (Charlie Lai)
Message-Id: <199803312350.PAA14921@angeles.eng.sun.com>
Subject: Re: Trusted Applet Question
To: basilb@hotmail.com (Basil B.)
Date: Tue, 31 Mar 1998 15:50:39 -0800 (PST)
In-Reply-To: <19980319213903.16016.qmail@hotmail.com> from "Basil B." at Mar 19, 98 01:39:55 pm

hi basil,

> If I create a signed applet, and a certificate that can be reliably
> acquired by a user of my applet, how do they identify me to their
> browser's virtual machine? Everything in the documentation implies that
> to use a signed applet, one must use javakey to add the certificate to
> the identity database. However, if someone is simply a web user, and
> doesn't have the jdk, they don't have javakey. So how does the "general
> public" get to trust and use my applet?

You can do this either by having each user run the javakey utility
to create or update their own identitydb.obj file, or you might chose to
create a standard identitydb.obj file and then simply ask your users to copy
that file onto their systems.

charlie