Sun Microsystems will make all the Java code they own available under the GPL: http://www.sun.com/software/opensource/java/ This is a very major step. IMHO we should now make Java core part of our own strategy, as it's one of the best ways to deliver interactive content (high quality animations, learning tools, etc.). There are large numbers of free applets that we can potentially use, esp. in Wikipedia and Wikiversity. My main question is: Are there security considerations with enabling the upload and embedding of Java Applets? According to http://java.sun.com/sfaq/ one of the capabilities of applets is to open a connection to the originating host. Could this be used, e.g., to create auto-vandalism applets and if so, can we somehow protect against it? If security is a major issue, might it be feasible to maintain a whitelist of certificates (to allow applets from trusted authority to be uploaded directly), and to flag all other applets as "non-embeddable" until a sysop flips a switch, so they can be reviewed for security? We could add a big fat warning on the file description page. -- Peace & Love, Erik Member, Wikimedia Foundation Board of Trustees DISCLAIMER: Unless otherwise stated, all views or opinions expressed in this message are solely my own and do not represent an official position of the Wikimedia Foundation or its Board of Trustees. _______________________________________________ foundation-l mailing list foundation-l(a)wikimedia.org http://mail.wikipedia.org/mailman/listinfo/foundation-l