This isn't the forum for a full blown discussion of the financial, policy and legal reasons that SSL is not appropriate. Off the top of my head, consider:
- does SSL support transaction signing or granular encryption? - The technical and support implications of end user key generation requirements - accountability for a single credential which can be installed on more than one computer - support for password caching and it's effect on non-repudiation On 05/09/2012 8:01 AM, "Kevin Wright" <[email protected]> wrote: > EcmaScript might not, but I'm pretty sure that HTTP does. Is there a > browser/OS combo out there nowadays that WON'T offer to install a > certificate in a well-known format? Even cUrl has certificate support. > > Personally, I think that web devs should be legally obliged to download at > least 10% of their content using cUrl. We'd lose the most painful redirect > chains in a week, and halve the burden on mobile broadband networks as a > result (yes, t.co and bit.ly, I'm looking straight at you!) > > > > On 4 September 2012 22:16, Ryan Schipper <[email protected]> wrote: > >> Java applets are also used in Australia to access the Tax Office and >> other departments online services using digital certificates. >> >> I worked in the responsible team for 5 years. For obvious reasons I can't >> discuss in detail. That said, its hard to refute that implementing a single >> Java applet is a lot more cost effective than developing and maintaining >> native add-ons (or plugins) for two platforms and six different browsers. >> >> As far as I know, the EcmaScript standard doesn't define an interface for >> x.509 / pkcs#11. If it did, there would be significantly fewer applets in >> the world. Mind you, people would then ring up and complain when their key >> store doesn't persist between browsers (due to a lack of CAPI / Keychain >> integration). >> >> =) >> >> >> On Wednesday, September 5, 2012, Casper Bang wrote: >> >>> Unfortunately the same applies in Denmark, where it's needed even to log >>> in. To make things worse, its primary purpose seems to be to be able to >>> bootstrap unknown lazily-loaded code and use JNI to launch native stuff. >>> *Head down in embarrassment* >>> >>> On Tuesday, September 4, 2012 10:30:06 AM UTC+2, Jim Cheesman wrote: >>>> >>>> They're still used for things like browser-based digital signing, at >>>> least here in Spain. The official ID card (which everyone over 16 is >>>> legally obliged to possess) includes a digital certificate (actually 2) for >>>> access to government services online. This is commonly implemented using a >>>> Java applet. (OK, the access doesn't require an applet, but signing any >>>> official request does.) >>>> >>>> >>>> >>>> >>>> On Thursday, 30 August 2012 23:39:53 UTC+2, Jon Kiparsky wrote: >>>>> >>>>> I thought applets had died out years ago... >>>>> >>>>> On Thu, Aug 30, 2012 at 5:36 PM, phil swenson <[email protected]>wrote: >>>>> >>>>>> That's a great solution. Kill Applets/JWS. Maybe they could put >>>>>> those resources into something useful. They lost the UI wars (esp in the >>>>>> browser) many years ago. >>>>>> >>>>>> >>>>>> On Thu, Aug 30, 2012 at 12:33 PM, Puybaret <[email protected]> wrote: >>>>>> >>>>>>> The most weird thing is that Oracle didn't communicate on its web >>>>>>> site about his issue yet. :-( >>>>>>> Do they want to kill Applets and JWS or what? >>>>>>> >>>>>>> > -- > You received this message because you are subscribed to the Google Groups > "Java Posse" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/javaposse?hl=en. > -- You received this message because you are subscribed to the Google Groups "Java Posse" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/javaposse?hl=en.
