Procedure for Digitally Signing Code

A digital signature is intended to provide some measure of confidence for the end user that code will not do bad things, based on the user's trust in the code signer. For example, if you get an applet signed by me and you trust me, you will be more likely to let that code run with extra permissions than you would unsigned code from an anonymous source. Of course, my electronic signature, which is produced with my private encryption key, could be forged. That is, someone else could sign some code and claim that it is from me. To deal with this, digital certificates are used to validate that a given signature is from the alleged source. You can generate your own certificates, which makes sense in an intranet ...

Get PURE Java™ 2 now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.