If the applet were appropriately signed and certified, there would be no popup or warning to worry about.
Er... this has been stated a couple of times now, and it makes me wonder. I haven't tried recently, but my impression was that an applet ALWAYS has to ask before it gets out of the sandbox. The message is just less scary if the applet is signed *properly*, i.e. the signature is certified by a known CA. But you still have to click through.
Otherwise, anyone with a certified key could write an applet and silently gain access to my file system... that would be quite nasty.
-- daniel