Found it...try posting to netscape.dev.security for security issues in NS4x.
-Mitch
Mitchell Stoltz wrote:
> hmm, you're right, that newsgroup seems to have disappeared.
> developer.netscape.com is way out of date for the most part, and it's
> not maintained, so I'd take anything there with a grain of salt. I'm not
> sure where to take NS4x inquiries but I'll try to find out. As for
> signtool, if you've signed your applet with a "real" purchased
> certificate from a CA that Netscape knows about (like Verisign or one of
> many others), then there's no need to explicitly install it on the
> user's machine. If it's from a recognized CA, the user's browser will
> accept it the first time it encounters the applet. No installation
> necessary.
>
> As for Netscape 6, currently you can sign JavaScript. Signed Java
> applets aren't fully functional yet. For JavaScript, the process is
> roughly the same as it is in 4x.
> -Mitch
>
> Jeff Messner wrote:
>
> >
> > Where can you go to discuss Netscape 4.x issues? The docs in
> > developer.netscape.com directed me to "netscape.dev.security" on
> > secnews.netscape.com but this newsgroup does not exist.
> >
> > I guess my question could apply to NS6 too...
> >
> > I have an applet which I have signed with the Netscape signtool. My
> > company has not yet purchased an actual secure certificate yet, so for
> > testing purposes I used signtool to create one directly into the
> > Netscape user's certificate database (by the way, how can you do this
> > for NS6?)
> >
> > My question is, when we buy the real certificate and create the signed
> > applet jar file, how does the user accept/install our certificate so
> > that they can run our applet? Can this be done automatically, i.e. the
> > first time they access the applet, it realizes they don't have our
> > certificate and guides the user through installing it?
--
-------------------------------------------
"I need your help to get back to the year Nineteen Eighty-Five." --Marty
McFly
