Java开发网 - Re:关于数字签名的迷惑！

Java开发网

您没有登录

» Java开发网 » Java Security

打印话题 寄给朋友 订阅主题

作者

Re:关于数字签名的迷惑！ [Re:feiggle]

floater

Java Jedi

总版主

发贴: 3233
积分: 421

于 2003-04-10 03:40

When you run your applet in a browser, the browser's java plug-in will prompt you whether you trust the cert(used to sign the applet). You don't need to give to users of your applet, it's already in the jar file and the browser will extract the info in the cert and show to users.

A lot of things, you have to try it, assuming people are smart enough to make things simple.

However, there is a catch. You have to push the CA cert of your cert into user's browser if it's not there. Most of the commercial CA certs are already in the browsers(out of box installation), unless you want to create your own ca cert(using like openssl) because you want to save some dollars.

Finally, you don't need to worry about LDAP, I think. There are several cases you need to do so, but not in your case. As long as users accept your cert in the browsers, the applet will start to run. They don't care whether your cert is valid or not, check against RCL to see whether your certs is revoked or not(You can install some 3rd party tools to do so); and users won't care the fields in your cert either.

However, you need to make sure your cert doesn't have an expire date(normally, cert has 365 days of validation, after that, you need to renew it). Browsers will still display your info, but users could have some doubt(I always reject expired cert no matter what).

"Any fool can write code that a computer can understand. Good programmers write code that humans can understand."
- Martin Fowler, Refactoring - Improving the Design of Existing Code

话题树型展开

人气	标题	作者	字数	发贴时间
9156	关于数字签名的迷惑！	feiggle	299	2003-04-08 11:42
7173	Re:关于数字签名的迷惑！	menzy	236	2003-04-08 14:14
7183	做成证书分发行吗？	feiggle	24	2003-04-09 09:30
7140	Re:关于数字签名的迷惑！	menzy	105	2003-04-09 16:45
7844	Re:关于数字签名的迷惑！	floater	1359	2003-04-10 03:40

已读帖子

新的帖子

被删除的帖子