NetX Improvements
Finally my own blog 
(thank lillian)
My latest bit of work with IcedTea and NetX was pushed into the IcedTea repo last night. While it’s not totally complete (yet), a large part of javaws security has been implemented. Let’s take a look…
Running a signed application always shows a dialog now, regardless if the code verification was successful or not. In this case, it shows that JDiskReport has an expired certificate.
Clicking on the More information button shows the details:
… and clicking on the Certificate Details button shows the info from the certificate used in signing:
Note that “Karsten Lentzsch” is the publisher of the software and “Thawte Server CA” is the 3rd party that did the signing.
In the case that an application is self signed, only one certificate is shown:
Should an application be unsigned, permission for security-sensitive operations are requested from the user, as shown in the Notepad application:
Right now only file-open, file-save, clipboard-read and clipboard-write are available as jnlp services. The rest should be coming hopefully soon :-).
February 6, 2008 at 3:51 pm
Awesome! Great work!
February 7, 2008 at 8:40 am
prompting the user to make complicated security decisions is always an interesting problem! You should make sure that the admin can switch off the “continue anyway” gui for the clueless.
I have a fun persona for modelling this situation: the end user who always makes the wrong security decision when prompted by the system
February 13, 2008 at 6:43 pm
[...] This release of IcedTea also includes new features added to NetX. - Signed applications display a dialog asking permission to run, with additional signing information and certificate details. - Implemented JNLP services: File read and write, Clipboard read and write. - Unsigned applications must now get permission from the user before the above JNLP services function. Check out the screenshots. [...]
February 14, 2008 at 5:26 am
thx for your great work !
)
(also all the IcedTea and OpenJDK ppl