Firewall Wizards mailing list archives
RE: signed applets a solution --maybe!
From: Hal <hal () mrj com>
Date: Mon, 15 Dec 1997 19:01:34 -0500
I pretty much agree with what you say. Here's my problem: A web page comes into my system and with it three objects: one is java from xyz company another VB does commo and is from Microsoft and the third is, a very useful component from a company whose name reguires characters drawn from the international topography typeset. (Their name has no latin letter equivalent, Japanese for example). Lets say they are all signed! How do I know if its ok to load these objects? Answer --I don't and I can't. Has risk been reduced? Yes, somewhat on the xyz and microsoft is (i guess) ok. But what about object three. I am now forced into "branding" To play it safe I admit only objects authored by a well known institution in other words, name brands. In the end perhaps that the best we can hope for. (People now usually say something about letting the marketplace decide.) - As to the firewall vs distributed control I am not certain its clear who is going to win that arguement. There is a growing body of users who suspect the merits of a firewall. They are web users and firewalls get in their way because it prevents their arbitrarily using any port at any time. An increasing number of web services ordinary and not so ordinary are feeding this trend. ---------- From: Rachel Rosencrantz[SMTP:rachel () predictive com] Sent: Sunday, December 14, 1997 1:08 PM To: hal () mrj com Cc: firewall-wizards () nfr net Subject: Re: signed applets a solution --never! Hal said:
When I received a signed applet with one popular browser based system a large, suitable-for-framing certificate appears across my screen so officious and grand in appearance as to resembles a 19th century peace treaty. The grander its appearance the truer its claim? It works for advertising so why not here? With all confidence games each mark gets to answer the simple question: allow access or not. Can you resist? Will your users?
I think the real usability/benefits of signed applets is _not_ going to be found when you let the users make the decision. A signed applet is not enough to guarantee an applet. (And who says users are going to care if something is signed. They'll probably set the option to autoaccept.) The reason I think that signed applets can be at all useful is if they can be filtered at the gateway to the internet point. Why? Well, whether I like it or not, there are companies who are now providing documentation over the web and requiring an applet to get at the documentation. This is probably not the only case where companies are going to provide things that are "vital" to the functioning of their customers over the web with an applet. As much as I might want to tell them, do it some way without active content, if the distribution method doesn't change, and the company thinks this is critical to operation, then the data must go through. At least with a signature you get a slightly better assurance that the app isn't a hack than if you just allow java from that site to come in. If you download a patch to the operating system relying on the digital signature or MD5 hash to verify the validity of the patch you really are doing the same thing, only there is no sandbox for that /bin/login patch that gets installed. -Rachel
Current thread:
- RE: signed applets a solution --maybe! Hal (Dec 15)
- Re: signed applets a solution --maybe! Bennett Todd (Dec 17)