Re: What's the end user process for granting access to a signed applet in JDK 1.2

Charlie Lai (charlie@angeles.eng.sun.com)
Thu, 9 Jul 1998 13:15:13 -0800 (PDT)

From: charlie@angeles.eng.sun.com (Charlie Lai)
Message-Id: <199807092015.NAA12506@angeles.eng.sun.com>
Subject: Re: What's the end user process for granting access to a signed applet in JDK 1.2
To: kurt.seidel@att.com (Kurt Seidel)
Date: Thu, 9 Jul 1998 13:15:13 -0800 (PDT)
In-Reply-To: <3593E910.56C650CC@att.com> from "Kurt Seidel" at Jun 26, 98 02:31:45 pm

hi,

> [kurt]
>
> The problem is, the end-user
> experience for using JDK 1.1 signed applets is unacceptable. Here, it
> seems that I'd have to tell my end user's (non-computer type people at
> home potentially) to download the JDK, and instruct them on how to use
> javakey to create or update their own identitydb.obj file. Get real!
> This is just not feasible. The other option is send my end users an
> identity.obj file that I've created, and ask them to copy it onto their
> systems. Well, if someone else does this too, doesn't mine get wiped
> out? This really seems like an unworkable end-user model.
>
> My question is:
> 1) Is my understanding of SUN's JDK 1.1 signed applet end-user scenario
> correct? Or is there a more reasonable approach that I'm missing.
>
> 2) Can you tell me, or where
> can I find information on exactly what the end user scenario will be
> for JDK 1.2 signed applets.

indeed, the end-user model isn't perfectly clean in jdk1.1.
since the jdk is a platform and not an end-user product like
a browser, making the end-user experience seamless and simple
hasn't received the utmost attention, but we're working on it.

your understanding above is correct except for the fact that the
Plug-In should already contain javakey (it might not have in early
beta versions), so you no longer have to tell users to download the JDK.
however, the end user still does have to get and import the trusted
certificate using javakey.

the end-user scenario in 1.2 changes, as the security model was enhanced
http://java.sun.com/products/jdk/1.2/docs/guide/security/index.html
to give end-users the ablility to grant permissions to applets
(signed or unsigned). therefore in 1.2, the user simply edits
a security policy (via a tool) to grant applets certain permissions.

so the story in 1.2 is that the applet provider must inform the user
what your applet does, and then the user can decide whether
or not to allow those actions in their policy.

if the applet is signed, the end-user must additionally import the
trusted certificate into their keystore database using keytool
(the 1.2 improvement on javakey, which has been removed).

> [kurt]
>
> I'd like to be able to use a workable model from SUN.

> [stan]
>
> Right now it looks like there is no seamless way to get the identity
> database (identitydb.obj) onto all the client's systems. I think that
> Plug-in has an opportunity to help out here.

what we envision in the future is perhaps to enhance the Java Plug-In
itself to prompt users (much like netscape and IE do) with exactly what
actions are required by an applet as it is loaded. then the users can
click on dialog boxes to allow those actions if they so choose.

in this scenario, the user would not have to manually edit their
security policy (as i described above), as the Plug-In would handle
all the security policy matters.

hopefully this helps out a little.
thanks,
charlie