Date: Thu, 09 Apr 1998 09:53:39 -0400
From: Zhang Jiqing <zhangj@cslab.uky.edu>
To: java-security@web4.javasoft.com
Subject: signed netscape ?
Dear Sir:
After visiting your page at
http://java.sun.com/security/signExample/
I have two questions:
1. signed api works only on appletviewer. when you use netscape
browser, it still does not work.
for example, your signedWriteFile will throw a IOException
if I use netscape to browse it.
2. why tmp/foo is not created while signedWriteFile tell me the
success.
3. after the archive file is created, I modified the java code and
created a new class file, the signedWriteFile still work
on appletviewer. Does this mean that once you trust a signed
API, you trust its later version too.
In my opinion, this could be a serious security problem i
f the answer is yes.
Thank you very much
zhang Jiqing
graduate student at University of Kentucky