Procedure for Digitally Signing Code
A digital signature is intended to provide some measure of confidence for the end user that code will not do bad things, based on the user's trust in the code signer. For example, if you get an applet signed by me and you trust me, you will be more likely to let that code run with extra permissions than you would unsigned code from an anonymous source. Of course, my electronic signature, which is produced with my private encryption key, could be forged. That is, someone else could sign some code and claim that it is from me. To deal with this, digital certificates are used to validate that a given signature is from the alleged source. You can generate your own certificates, which makes sense in an intranet ...
Get PURE Java™ 2 now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.