Java Plugin 1.4 with JRE 1.3 -> Ignores certificates.

[Daniel Kasmeroglu <daniel.kasmeroglu () web de>]

During work I've found out that the combination of the 
Java Plugin 1.4 with the JRE 1.3 doesn't handle 
certificates properly. An applet signed with an 
outdated certificate shouldn't be able to get access to 
the filesystem on the client machine. However this 
happens when using the named combination. So my 
applet was able to do some filesystem operations 
without a valid certificate. For better bugtracking I've 
generated some files (HTML,JSP,Applet,Certificate) 
to reproduce this problem.

Here you'll find these files:
  http://user.cs.tu-berlin.de/~raptor/SecurityFault/

Starting point is the file SecurityFault.html .If you got 
JBuilder a corresponding project file is included.