Re: signed applets a solution --never!

[Rachel Rosencrantz <rachel () predictive com>]

Hal said:
> When I received a signed applet with one popular browser based system a 
> large, suitable-for-framing certificate appears across my screen so 
> officious and grand in appearance as to resembles a 19th century  peace 
> treaty. The grander its appearance the truer its claim?  It works for 
> advertising so why not here?   With all confidence games each mark gets to 
> answer the simple question: allow access or not. Can you resist? Will your 
> users?  

I think the real usability/benefits of signed applets is _not_
going to be found when you let the users make the decision.  A signed
applet is not enough to guarantee an applet.  (And who says users
are going to care if something is signed.  They'll probably set the
option to autoaccept.)  The reason I think that signed applets can
be at all useful is if they can be filtered at the gateway to
the internet point.

Why?  Well, whether I like it or not, there are companies who are 
now providing documentation over the web and requiring an applet
to get at the documentation.  This is probably not the only 
case where companies are going to provide things that are "vital"
to the functioning of their customers over the web with an applet.
As much as I might want to tell them, do it some way without active
content, if the distribution method doesn't change, and the company
thinks this is critical to operation, then the data must go through.
At least with a signature you get a slightly better assurance that
the app isn't a hack than if you just allow java from that site
to come in.  

If you download a patch to the operating system relying on the digital
signature or MD5 hash to verify the validity of the patch you really
are doing the same thing, only there is no sandbox for that /bin/login
patch that gets installed.  


-Rachel