From: Robert H. <ha...@st...> - 2013-10-31 22:38:15
|
I direct the discussion to https://blogs.oracle.com/java-platform-group/entry/new_security_requirements_for_rias I believe this is the end of the unsigned Jmol Java applet along with JSpecView and JME. In addition, I'm pretty sure our free-be signing will not pass muster as a "trusted authority": RIAs must contain two things: 1. Code signatures from a trusted authority. All code for Applets and Web Start applications must be signed, regardless of its Permissions attributes. 2. Manifest Attributes 1. Permissions – Introduced in 7u25, and required as of 7u51. Indicates if the RIA should run within the sandbox or require full-permissions. 2. Codebase – Introduced in 7u25 and optional/encouraged as of 7u51. Points to the known location of the hosted code (e.g. intranet.example.com) <http://intranet.example.com>. The latest upload of Jmol takes care of (2a). However, unless (2b) allows Codebase: * that's pretty much it for the signed applet as well. [Or maybe someone goes into the business of making custom signed Jmol applets for people!] Suggestions? Comments? If deployment of the signed Jmol applet is of interest, we will need a sponsor, because a certificate costs US$500/year. Let me know if you are interested in being that sponsor. At least we have a two-month lead on this (and I am headed for a visit with RCSB on Sunday). Bob -- Robert M. Hanson Larson-Anderson Professor of Chemistry St. Olaf College Northfield, MN http://www.stolaf.edu/people/hansonr If nature does not answer first what we want, it is better to take what answer we get. -- Josiah Willard Gibbs, Lecture XXX, Monday, February 5, 1900 |