Secure Coding mailing list archives
Code signing and Java Web Start
From: Mona Wong-Barnum <mona () ncmir ucsd edu>
Date: Thu, 26 Feb 2004 02:45:04 +0000
Hi: I am asking for opinions on the issue of code signing and Java Web Start. We are about to have a meeting on this issue and I need some ammunition on why we should NOT be signing other people's code which we use in our Java applications that we serve out of Java Web Start. I know that signing coding from unknown sources is very bad...but I think I need some "proof" or info that will help the managers understand the implication of this in term of reliability and responsibility. It is my responsibility to educate my managers so that they can make the best possible choice; the rest is then out of my hands. All help will be greatly appreciated! thanks, Mona ================================================================== Mona Wong-Barnum National Center for Microscopy and Imaging Research University of California, San Diego http://ncmir.ucsd.edu/ "If you don't have time to do it right, will you have time to do it over?" -- unknown ==================================================================
Current thread:
- Code signing and Java Web Start Mona Wong-Barnum (Feb 25)
- RE: Code signing and Java Web Start Dave Paris (Feb 26)
- <Possible follow-ups>
- RE: Code signing and Java Web Start Gary McGraw (Feb 26)
- Re: Code signing and Java Web Start Kenneth R. van Wyk (Feb 26)