Hi,
Yes, I think it's the same for applets as for Java Web Start applications.
I haven't tested, but I see no reasons for it to be different.
Nico
On Sun, Nov 3, 2013 at 10:17 AM, Jaime Prilusky <
jaime.prilu...@weizmann.ac.il> wrote:
> Excellent. Will this also be true for the applet version?
>
> In one year from now we’ll see if Java's still required, and, if the
> renewal requires a payment, find sources for that.
>
> Jaim
> __
> Dr Jaime Prilusky
> Head Bioinformatics
> R&D Bioinformatics and Data Management
> Department of Biological Services
> Weizmann Institute of Science
> 76100 Rehovot - Israel
>
> mail: jaime.prilu...@weizmann.ac.il
> tel: 972-8-9344959
> fax: 972-8-9344113
> OCA, http://oca.weizmann.ac.il (the protein structure/function database)
> Proteopedia, http://proteopedia.org (because life has more than 2D)
> ------------------------------------------------------------------------
>
> On Nov 3, 2013, at 10:57 AM, Nicolas Vervelle <nverve...@gmail.com>
> wrote:
>
> Hi Bob,
>
> I know I have a full certificate, valid for one year, but it's unclear
> what I will have to do in one year : I'm not sure if renewal is still free
> or requires some money.
> It's the only option I found that allowed me to have a free code signing
> certificate for the moment, so I decided to try it.
> Users with recent Java version have now again the ability to trust my
> application once and for all, which is a lot better than what they were
> allowed with the self-signed certificate.
>
> Nico
>
>
> On Sun, Nov 3, 2013 at 12:51 AM, Robert Hanson <hans...@stolaf.edu> wrote:
>
>> hang in there. I think we will be ok. But, Nico, are you sure you don't
>> have a 'trial version'
>>
>>
>> On Sat, Nov 2, 2013 at 2:20 PM, Nicolas Vervelle <nverve...@gmail.com>wrote:
>>
>>> Hi Jonathan,
>>>
>>> I think we can try using free certificates, I've got one 2 weeks ago
>>> from certum as they give them for free to open source developers.
>>> I'm using it for a Java application, and it seems to work a lot better
>>> than with the self signed one.
>>> If need be, I can sign a Jmol version with it to see if it works
>>> correctly with Jmol
>>>
>>> Nico
>>>
>>>
>>> On Sat, Nov 2, 2013 at 7:49 PM, Jonathan Gutow <gu...@uwosh.edu> wrote:
>>>
>>>> Ouch!
>>>>
>>>> I've been out of the loop for a while trying to get caught up on
>>>> local work issues. This does not sound good. As I read the description
>>>> from Oracle the only way to use Java in browsers that does not require a
>>>> commercial certificate and a codebase compiled for each server (possibly
>>>> you don't have to specify your codebase location in the jar, but I think
>>>> you do) is to have each local user/intranet whitelist the particular jar
>>>> from a particular source. This may be OK within a large company
>>>> infrastructure, but is not going to work for general users.
>>>>
>>>> Have I misread this?
>>>>
>>>> The most amusing thing about this is that the alternative (javascript
>>>> and things like opengl) are no more secure for the same capabilities and so
>>>> far much slower.
>>>>
>>>> We still need the java application, but I guess we pretty much need
>>>> to get everything converted to JSmol for web stuff.
>>>>
>>>> Jonathan
>>>> On Nov 2, 2013, at 1:11 PM, jmol-users-request@lists.sourceforge.netwrote:
>>>>
>>>> Assuming the $500 certificate ensures that the signed Jmol java applet
>>>> will not be blocked (?), I suspect there are a number of organizations
>>>> that
>>>> would be prepared to become sponsors...
>>>>
>>>>
>>>> Quoting Robert Hanson <hans...@stolaf.edu>:
>>>>
>>>> I direct the discussion to
>>>>
>>>>
>>>>
>>>> https://blogs.oracle.com/java-platform-group/entry/new_security_requirements_for_rias
>>>>
>>>>
>>>> I believe this is the end of the unsigned Jmol Java applet along with
>>>>
>>>> JSpecView and JME.
>>>>
>>>>
>>>> In addition, I'm pretty sure our free-be signing will not pass muster
>>>> as a
>>>>
>>>> "trusted authority":
>>>>
>>>>
>>>> RIAs must contain two things:
>>>>
>>>>
>>>> 1. Code signatures from a trusted authority. All code for Applets
>>>> and
>>>>
>>>> Web Start applications must be signed, regardless of its Permissions
>>>>
>>>> attributes.
>>>>
>>>> 2. Manifest Attributes
>>>>
>>>> 1. Permissions ? Introduced in 7u25, and required as of 7u51.
>>>> Indicates
>>>>
>>>> if the RIA should run within the sandbox or require
>>>> full-permissions.
>>>>
>>>> 2. Codebase ? Introduced in 7u25 and optional/encouraged as of
>>>> 7u51.
>>>>
>>>> Points to the known location of the hosted code (e.g.
>>>>
>>>> intranet.example.com) <http://intranet.example.com>.
>>>>
>>>>
>>>> The latest upload of Jmol takes care of (2a). However, unless (2b)
>>>> allows
>>>>
>>>>
>>>> Codebase: *
>>>>
>>>>
>>>> that's pretty much it for the signed applet as well. [Or maybe
>>>> someone goes
>>>>
>>>> into the business of making custom signed Jmol applets for people!]
>>>>
>>>>
>>>> Suggestions? Comments?
>>>>
>>>>
>>>> If deployment of the signed Jmol applet is of interest, we will need a
>>>>
>>>> sponsor, because a certificate costs US$500/year. Let me know if you are
>>>>
>>>> interested in being that sponsor.
>>>>
>>>>
>>>> At least we have a two-month lead on this (and I am headed for a
>>>> visit with
>>>>
>>>> RCSB on Sunday).
>>>>
>>>>
>>>>
>>>> Bob
>>>>
>>>>
>>>> Dr. Jonathan H. Gutow
>>>> Chemistry Department gu...@uwosh.edu
>>>> UW-Oshkosh Office:
>>>> 920-424-1326
>>>> 800 Algoma Boulevard FAX:920-424-2042
>>>> Oshkosh, WI 54901
>>>> http://www.uwosh.edu/facstaff/gutow
>>>>
>>>>
>>>>
>>>> ------------------------------------------------------------------------------
>>>> Android is increasing in popularity, but the open development platform
>>>> that
>>>> developers love is also attractive to malware creators. Download this
>>>> white
>>>> paper to learn more about secure code signing practices that can help
>>>> keep
>>>> Android apps secure.
>>>>
>>>> http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
>>>> _______________________________________________
>>>> Jmol-users mailing list
>>>> Jmol-users@lists.sourceforge.net
>>>> https://lists.sourceforge.net/lists/listinfo/jmol-users
>>>>
>>>>
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> Android is increasing in popularity, but the open development platform
>>> that
>>> developers love is also attractive to malware creators. Download this
>>> white
>>> paper to learn more about secure code signing practices that can help
>>> keep
>>> Android apps secure.
>>>
>>> http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
>>> _______________________________________________
>>> Jmol-users mailing list
>>> Jmol-users@lists.sourceforge.net
>>> https://lists.sourceforge.net/lists/listinfo/jmol-users
>>>
>>>
>>
>>
>> --
>> Robert M. Hanson
>> Larson-Anderson Professor of Chemistry
>> St. Olaf College
>> Northfield, MN
>> http://www.stolaf.edu/people/hansonr
>>
>>
>> If nature does not answer first what we want,
>> it is better to take what answer we get.
>>
>> -- Josiah Willard Gibbs, Lecture XXX, Monday, February 5, 1900
>>
>>
>>
>> ------------------------------------------------------------------------------
>> Android is increasing in popularity, but the open development platform
>> that
>> developers love is also attractive to malware creators. Download this
>> white
>> paper to learn more about secure code signing practices that can help keep
>> Android apps secure.
>>
>> http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
>> _______________________________________________
>> Jmol-users mailing list
>> Jmol-users@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/jmol-users
>>
>>
> ------------------------------------------------------------------------------
> Android is increasing in popularity, but the open development platform that
> developers love is also attractive to malware creators. Download this white
> paper to learn more about secure code signing practices that can help keep
> Android apps secure.
>
> http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk_______________________________________________
> Jmol-users mailing list
> Jmol-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/jmol-users
>
>
>
>
> ------------------------------------------------------------------------------
> Android is increasing in popularity, but the open development platform that
> developers love is also attractive to malware creators. Download this white
> paper to learn more about secure code signing practices that can help keep
> Android apps secure.
> http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
> _______________________________________________
> Jmol-users mailing list
> Jmol-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/jmol-users
>
>
------------------------------------------------------------------------------
Android is increasing in popularity, but the open development platform that
developers love is also attractive to malware creators. Download this white
paper to learn more about secure code signing practices that can help keep
Android apps secure.
http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
_______________________________________________
Jmol-users mailing list
Jmol-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jmol-users
