Hi Bob,
For a certificate from a trusted authority, you can get one from Certum for
free as an open source developer.
I got one about two weeks ago, and it seems to work ok.
https://www.certum.eu/certum/cert,offer_en_open_source_cs.xml
Nico
On Thu, Oct 31, 2013 at 11:38 PM, Robert Hanson <hans...@stolaf.edu> wrote:
> I direct the discussion to
>
>
> https://blogs.oracle.com/java-platform-group/entry/new_security_requirements_for_rias
>
> I believe this is the end of the unsigned Jmol Java applet along with
> JSpecView and JME.
>
> In addition, I'm pretty sure our free-be signing will not pass muster as a
> "trusted authority":
>
> RIAs must contain two things:
>
> 1. Code signatures from a trusted authority. All code for Applets and
> Web Start applications must be signed, regardless of its Permissions
> attributes.
> 2. Manifest Attributes
> 1. Permissions – Introduced in 7u25, and required as of 7u51.
> Indicates if the RIA should run within the sandbox or require
> full-permissions.
> 2. Codebase – Introduced in 7u25 and optional/encouraged as of
> 7u51. Points to the known location of the hosted code (e.g.
> intranet.example.com) <http://intranet.example.com>.
>
> The latest upload of Jmol takes care of (2a). However, unless (2b) allows
>
> Codebase: *
>
> that's pretty much it for the signed applet as well. [Or maybe someone
> goes into the business of making custom signed Jmol applets for people!]
>
> Suggestions? Comments?
>
> If deployment of the signed Jmol applet is of interest, we will need a
> sponsor, because a certificate costs US$500/year. Let me know if you are
> interested in being that sponsor.
>
> At least we have a two-month lead on this (and I am headed for a visit
> with RCSB on Sunday).
>
>
> Bob
>
>
>
> --
> Robert M. Hanson
> Larson-Anderson Professor of Chemistry
> St. Olaf College
> Northfield, MN
> http://www.stolaf.edu/people/hansonr
>
>
> If nature does not answer first what we want,
> it is better to take what answer we get.
>
> -- Josiah Willard Gibbs, Lecture XXX, Monday, February 5, 1900
>
>
>
> ------------------------------------------------------------------------------
> Android is increasing in popularity, but the open development platform that
> developers love is also attractive to malware creators. Download this white
> paper to learn more about secure code signing practices that can help keep
> Android apps secure.
> http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
> _______________________________________________
> Jmol-developers mailing list
> Jmol-developers@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/jmol-developers
>
>
------------------------------------------------------------------------------
Android is increasing in popularity, but the open development platform that
developers love is also attractive to malware creators. Download this white
paper to learn more about secure code signing practices that can help keep
Android apps secure.
http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
_______________________________________________
Jmol-developers mailing list
Jmol-developers@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jmol-developers
