1996-04-30 - Re: The Joy of Java

Header Data

From: Steve Reid <steve@edmweb.com>
To: Hal <hfinney@shell.portal.com>
Message Hash: 1333c1d4deb5c08426f315e73f8419744c387b543c403e543b9c6496028ba9e0
Message ID: <Pine.BSF.3.91.960429122114.12216A-100000@kirk.edmweb.com>
Reply To: <199604290530.WAA25425@jobe.shell.portal.com>
UTC Datetime: 1996-04-30 05:53:29 UTC
Raw Date: Tue, 30 Apr 1996 13:53:29 +0800

Raw message

From: Steve Reid <steve@edmweb.com>
Date: Tue, 30 Apr 1996 13:53:29 +0800
To: Hal <hfinney@shell.portal.com>
Subject: Re: The Joy of Java
In-Reply-To: <199604290530.WAA25425@jobe.shell.portal.com>
Message-ID: <Pine.BSF.3.91.960429122114.12216A-100000@kirk.edmweb.com>
MIME-Version: 1.0
Content-Type: text/plain


> Somewhat independent of the security/safety issues regarding Java
> applets, there are also questions about their suitability for crypto
> applications.  Applets currently labor under several restrictions (at
> least when part of the Netscape browser) which make it hard to do crypto:
>
>   Applets cannot accept net connections, and they can only make outgoing
>   connections to the host which provided them to the browser.
>
>   Applets cannot read or write local disk files.
>
>   Applets cannot access other local hardware, such as smart cards,
>   printers, or microphones.
[SNIP]
> So there are limits to how much safety you can expect.  Hopefully with
> signed applets it will be OK to authorize some overrides of the current
> restrictions so that these other kinds of applications can be provided.

My understanding is, Java applications (as opposed to applets) don't have
those limitations, and can do _almost_ anything a C program can. The
applications still have the full cross-platform compatability. IMO dumping
the security of applets in favour of the capability of applications is a
good idea. After all, the applet security features have a lot of flaws, 
so why limit your programs when it's not offering any real security?

Signing programs is a good idea. It will provide better security than we 
currently have, without having to limit the capabilities of the software.

JMHO.

=====================================================================
| Steve Reid - SysAdmin & Pres, EDM Web (http://www.edmweb.com/)    |
| Email: steve@edmweb.com   Home Page: http://www.edmweb.com/steve/ |
| PGP Fingerprint: 11 C8 9D 1C D6 72 87 E6  8C 09 EC 52 44 3F 88 30 |
|              -- Disclaimer: JMHO, YMMV, IANAL. --                 |
===================================================================:)






Thread