Finally my own blog (thank lillian)
My latest bit of work with IcedTea and NetX was pushed into the IcedTea repo last night. While it’s not totally complete (yet), a large part of javaws security has been implemented. Let’s take a look…
Running a signed application always shows a dialog now, regardless if the code verification was successful or not. In this case, it shows that JDiskReport has an expired certificate.
Clicking on the More information button shows the details:
… and clicking on the Certificate Details button shows the info from the certificate used in signing:
Note that “Karsten Lentzsch” is the publisher of the software and “Thawte Server CA” is the 3rd party that did the signing.
In the case that an application is self signed, only one certificate is shown:
Should an application be unsigned, permission for security-sensitive operations are requested from the user, as shown in the Notepad application:
Right now only file-open, file-save, clipboard-read and clipboard-write are available as jnlp services. The rest should be coming hopefully soon.