[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Java & signed applets
On Thu, 16 May 1996, Lyal Collins wrote:
> Signing anything is somewaht a waste of time, unless the verification
> siftware is highly trusted, and there is good intergity/authenticity
> control of the root public key(s).
The verification software is simple enough to be quite highly trusted,
and if the privilege model is stupid enough, it too can be quickly
verified. The trickiest part of the process is making sure that you
don't sign any code you're not prepared to vouch for...
Simon