Date: Fri, 31 Jul 1998 11:08:15 -0700 (PDT)
From: Marianne Mueller <Marianne.Mueller@Eng>
Subject: Re: URL Read Feature Request
To: java-security@java.Sun.COM, edelstei@uiuc.edu
The JDK 1.2 security model would allow you to set up policies whereby
particular applets could access particular URLs.
See http://java.sun.com/products/jdk/1.2/docs/guide/security/index.html
> X-Authentication-Warning: ux7.cso.uiuc.edu: edelstei owned process doing -bs
> Date: Tue, 28 Jul 1998 23:14:21 -0500 (CDT)
> From: "Arthur D. Edelstein" <edelstei@uiuc.edu>
> X-Sender: edelstei@ux7.cso.uiuc.edu
> To: java-security@java.sun.com
> cc: java-net@java.sun.com
> Subject: URL Read Feature Request
> MIME-Version: 1.0
>
> Dear Sir or Madam:
>
> Currently browser applets cannot read nonlocal URLs because of
> security concerns.
>
> It would be useful if applets could call a function that reads URL
> Streams from any URL which is open to the general public internet, not
> just from URLs that are on the originating server.
>
> I suggest that Sun could run an authorization server to which java
> applets could connect. Before an applet could read from a given URL,
> it would have to request permission from this authorization server.
> The server would give permission to read from the URL if the URL were
> located on any publicly-readable web server. This would still prevent
> applets from reading nonpublic information on the client's network,
> but would not require any certificates or other security decisions by
> the client, nor would it require a server-side application on the
> host, which is not possible for many developers.
>
> Sincerely,
> Arthur D. Edelstein
>
>
>