-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Gregory Maxwell wrote:
You get no warning *at all* on non-origin network
access for applets
signed by an approved key. For example:
http://www.jcraft.com/jorbis/player/JOrbisPlayer.php?play=http%3A%2F%2Fuplo…
I don't have direct knowledge for file access. I had assumed that it
was the same, but I'm guessing there.
I get a big scary dialog box here:
==
This applet was signed by "JCraft,Inc.," but Java cannot verify the
authenticity of the signature's certificate. Do you trust this certificate?
Click Trust to run this applet and allow it unrestricted access to your
computer. Click Don't Trust to run this applet with standard Java
restrictions.
[Show Certificate] [Don't Trust] [Trust]
==
Click "Show Certificate" and it expands to show cert details and adds a
little check box:
[ ] Always trust "JCraft,Inc."
This is with Firefox 3.0.4 on Mac OS X 10.5, whatever default Java
VM/plugin comes on the system.
- -- brion vibber (brion @
wikimedia.org)
For Java Web Start and complete system access I just get a fairly
friendly "This was published by Foo Corp. Do you wish to run it. [ ]
Always trust content from Foo Corp."
_______________________________________________
Wikitech-l mailing list
Wikitech-l(a)lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikitech-l
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla -
http://enigmail.mozdev.org
iEYEARECAAYFAkkrRFAACgkQwRnhpk1wk47YRACgqvWOsdu/MWpvJ54IfoL8l8+l
KcAAn3P+dWM69MoAyqvynbSV9VdEu735
=Bvfs
-----END PGP SIGNATURE-----