Newbie question: Signing a Java applet
in [Java Programming]
|
Prev: When is software good enough? (was Re: Motivation of software professionals)
Next: JFreeChart - Legend control with adding different series
From: Roedy Green on 15 Feb 2010 21:07 On Sun, 14 Feb 2010 18:32:36 -0800 (PST), Andrew Thompson <andrewthommo(a)gmail.com> wrote, quoted or indirectly quoted someone who said : > >The last time I heard, Thawte was issuing some >'freemail' certificates (for free). They are for email signing, not code signing. When you buy a cert, you are paying for the research they do to ensure whatever facts are burned into the cert are indeed true. -- Roedy Green Canadian Mind Products http://mindprod.com Nothing has really happened until it has been recorded. ~ Virginia Woolf (born: 1882-01-25 died: 1941-03-28 at age: 59)
From: Andrew Thompson on 15 Feb 2010 21:52 On Feb 16, 1:07 pm, Roedy Green <see_webs...(a)mindprod.com.invalid> wrote: > On Sun, 14 Feb 2010 18:32:36 -0800 (PST), Andrew Thompson > <andrewtho...(a)gmail.com> wrote, quoted or indirectly quoted someone > who said : >... > >The last time I heard, Thawte was issuing some > >'freemail' certificates (for free). > > They are for email signing, not code signing. I'm almost certain I encountered one JWS based app. that had the author/vendor listed at the trust prompt as "Thawte Freemail User" or WTE. Unfortunately I cannot provide any more details, except that AFAI(vaguely)R, it was used by someone who used to be a regular poster around usenet (I cannot afford to run trusted code from parties that I neither know nor trust). -- Andrew T. pscode.org
From: mikevb on 15 Feb 2010 21:58 Thanks for everyone's help and ideas. I've bought a Thawte certificate, so I really hope that works, given the price (US$299). Roedy, your pages were very helpful; I had encountered them during my search, but I think I was having other problems at the time (JDK path was wrong, so I appeared to be missing some tools I needed). Once I had everything sorted out, it was fairly easy to create certificates, and also the CSR that Thawte wanted. On Feb 16, 3:07 pm, Roedy Green <see_webs...(a)mindprod.com.invalid> wrote: > On Sun, 14 Feb 2010 18:32:36 -0800 (PST), Andrew Thompson > <andrewtho...(a)gmail.com> wrote, quoted or indirectly quoted someone > who said : > >The last time I heard, Thawte was issuing some > >'freemail' certificates (for free). > > They are for email signing, not code signing. > When you buy a cert, you are paying for the research they do to ensure > whatever facts are burned into the cert are indeed true. I think Andrew's right - I encountered multiple references to this in my research. I'm not a crypto/certificate/signing expert at all (clueless in that area really), so I really don't know what's realistic or not, but several people seemed to suggest it worked. However, the names on the certificate appeared to be unsuitable for my use, and also, those certificates are no longer available as of November 2009. So, no options there really! Thanks, Mike
From: Roedy Green on 17 Feb 2010 00:49 On Mon, 15 Feb 2010 18:52:54 -0800 (PST), Andrew Thompson <andrewthommo(a)gmail.com> wrote, quoted or indirectly quoted someone who said : >I'm almost certain I encountered one JWS based app. that >had the author/vendor listed at the trust prompt as >"Thawte Freemail User" or WTE. I wonder if they figured out some sort of gene splicing to create the certificate. Maybe he works for a company with a name similar to "freemail". If you run across it again, please tell us about it. I'd be interested in figuring out how he did it. -- Roedy Green Canadian Mind Products http://mindprod.com Nothing has really happened until it has been recorded. ~ Virginia Woolf (born: 1882-01-25 died: 1941-03-28 at age: 59)
From: Roedy Green on 17 Feb 2010 00:55
On Mon, 15 Feb 2010 18:58:41 -0800 (PST), mikevb <falco(a)fenz.net> wrote, quoted or indirectly quoted someone who said : >Once I >had everything sorted out, it was fairly easy to create certificates, >and also the CSR that Thawte wanted. When I went through the process some years ago, the problem was totally the lack of documentation. What you actually do is not that complicated. I thought it was very peculiar of companies to offer such expensive products with almost no instructions on what to do to get one or use it. I wrote a lot of emails to the various companies prodding them to improve their on-line docs. Thawte seemed most receptive. Happily, possibly partly at my urging, the situation has greatly improved. There is quite a bit to read about certificates, (more than you wanted to know about penguins) on my site, but if you wade through it, I think you will have a good shot at buying the right sort of certificate and get it ordered and installed on the first go. Get started at http://mindprod.com/jgloss/certificate.html -- Roedy Green Canadian Mind Products http://mindprod.com Nothing has really happened until it has been recorded. ~ Virginia Woolf (born: 1882-01-25 died: 1941-03-28 at age: 59) |