[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: The Joy of Java



> Somewhat independent of the security/safety issues regarding Java
> applets, there are also questions about their suitability for crypto
> applications.  Applets currently labor under several restrictions (at
> least when part of the Netscape browser) which make it hard to do crypto:
>
>   Applets cannot accept net connections, and they can only make outgoing
>   connections to the host which provided them to the browser.
>
>   Applets cannot read or write local disk files.
>
>   Applets cannot access other local hardware, such as smart cards,
>   printers, or microphones.
[SNIP]
> So there are limits to how much safety you can expect.  Hopefully with
> signed applets it will be OK to authorize some overrides of the current
> restrictions so that these other kinds of applications can be provided.

My understanding is, Java applications (as opposed to applets) don't have
those limitations, and can do _almost_ anything a C program can. The
applications still have the full cross-platform compatability. IMO dumping
the security of applets in favour of the capability of applications is a
good idea. After all, the applet security features have a lot of flaws, 
so why limit your programs when it's not offering any real security?

Signing programs is a good idea. It will provide better security than we 
currently have, without having to limit the capabilities of the software.

JMHO.

=====================================================================
| Steve Reid - SysAdmin & Pres, EDM Web (http://www.edmweb.com/)    |
| Email: [email protected]   Home Page: http://www.edmweb.com/steve/ |
| PGP Fingerprint: 11 C8 9D 1C D6 72 87 E6  8C 09 EC 52 44 3F 88 30 |
|              -- Disclaimer: JMHO, YMMV, IANAL. --                 |
===================================================================:)