On Mon, Nov 24, 2008 at 2:31 PM, Brion Vibber <[EMAIL PROTECTED]> wrote: > Aryeh Gregor wrote: >> They wouldn't have to click through if it was signed, would they? > > Yes they would. > > If that wasn't the case, then any web site you visited could read all > your files without notifying you simply by signing their malware applet.
I don't know anything about Java signing; I was relying on (my possibly incorrect reading of) what Greg Maxwell has said in this thread. I was assuming there was some kind of PKI being used here, as with HTTPS, so that "trusted" applets would silently run with more permissions. If not, then never mind what I said above. _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l