 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
Java Forum / General / October 2006Signed Applets, Certificate Authorities
I have a web application with applets that access the users' file system (with permission) and upload files to a our web server. I am looking for a trusted certificate authority that can sign the applet, such that that applet is trusted (by default) by IE, Firefox/Mozilla, Safari, and Opera. Is there an applet-signing certificate authority that can sign my applet such that it is trusted by these browsers? Any pointers or recommendations would be appreciated. Thanks! John > I have a web application with applets that access the users' file > system (with permission) and upload files to a our web server. > > I am looking for a trusted certificate authority that can sign the > applet, such that that applet is trusted (by default) No way! >..by IE, > Firefox/Mozilla, Safari, and Opera. > > Is there an applet-signing certificate authority that can sign my > applet such that it is trusted by these browsers? The difference in user experience when accepting a project singed by a self-signed certificate and one certified by a CA, is that a) The security warning presented to the end user is much less scary if the code signer can be verified. b) The 'Yes/Accept' button is focused, whereas it is not with a certificate that cannot be verified. (Note that the 'certified' code will also be more like the self-signed code if the certificate is expired or net yet valid etc.) > Any pointers or recommendations would be appreciated. Thanks! (My suggestion) Stop trying to take control form your end users, but instead explain to them the benefits of your software and how it helps them when they grant it 'extended access'. Andrew T. Thanks, Andrew. I do have every intention of making it clear (before the user gets that far) what the applet will do and why the web application will require access to their file system. Everything I'm doing is above board and will be clearly explained. I just need a CA that will be certified on required browsers/platforms; otherwise it will just look like a self-signed certificate to some users. I know the user will be asked to "trust" the applet anyway; I just want that trust request to come from a piece of code signed by a known CA. John > > I have a web application with applets that access the users' file > > system (with permission) and upload files to a our web server. [quoted text clipped - 29 lines] > > Andrew T. John Brayton wrote: > I have a web application with applets that access the users' file > system (with permission) and upload files to a our web server. As I understand it, Vista will not allow applets (or other plug-ins) access to arbitrary files. You might want to check that out first. In any case, if you require network launched code to load and save files, I strongly suggest JNLP/WebStart (without signing). Tom Hawtin ... > In any case, if you require network launched code to load and save > files, I strongly suggest JNLP/WebStart (without signing). A sterling idea! (AKA "Wish I'd thought of that!") Andrew T. Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.