I direct the discussion to

https://blogs.oracle.com/java-platform-group/entry/new_security_requirements_for_rias

I believe this is the end of the unsigned Jmol Java applet along with JSpecView and JME.

In addition, I'm pretty sure our free-be signing will not pass muster as a "trusted authority":

RIAs must contain two things:
  1. Code signatures from a trusted authority. All code for Applets and Web Start applications must be signed, regardless of its Permissions attributes.
  2. Manifest Attributes
    1. Permissions – Introduced in 7u25, and required as of 7u51. Indicates if the RIA should run within the sandbox or require full-permissions.
    2. Codebase – Introduced in 7u25 and optional/encouraged as of 7u51. Points to the known location of the hosted code (e.g. intranet.example.com).
The latest upload of Jmol takes care of (2a). However, unless (2b) allows

 Codebase: *

that's pretty much it for the signed applet as well. [Or maybe someone goes into the business of making custom signed Jmol applets for people!]

Suggestions? Comments?

If deployment of the signed Jmol applet is of interest, we will need a sponsor, because a certificate costs US$500/year. Let me know if you are interested in being that sponsor.

At least we have a two-month lead on this (and I am headed for a visit with RCSB on Sunday).


Bob



--
Robert M. Hanson
Larson-Anderson Professor of Chemistry
St. Olaf College
Northfield, MN
http://www.stolaf.edu/people/hansonr


If nature does not answer first what we want,
it is better to take what answer we get.

-- Josiah Willard Gibbs, Lecture XXX, Monday, February 5, 1900