[ale] Java Code Signing Certificates?

Greg Freemyer greg.freemyer at gmail.com
Tue Jan 31 10:03:46 EST 2006


ajug turns out to be a closed list and I'm not subscribed.

Can you repost any interesting responses back to here?

Thanks, Greg
On 1/31/06, Christopher Fowler <cfowler at outpostsentinel.com> wrote:
> This is a good question.  I'll be following this thread.
> We have an applet on our Tomcat server that many of our customers as
> asked us if that applet could gain access to the Windows clipboard.  The
> only way I could see this being done is by a certificate.  When I've
> pushed the numbers on them they decided that copy and paste was not
> worth that much dinero.
>
> I'm cc'ing ajug since they will have come insight on certs.
>
> On Tue, 2006-01-31 at 08:54 -0500, Greg Freemyer wrote:
> > All,
> >
> > I have an Java app (including applets) I support.  Historically we
> > have used it on a very restricted Intranet basis so we just modified
> > the java.policy file on the client machines to give us the security
> > access we need.
> >
> > We are now wanting to do a pilot where we let our users have access
> > from random machines on the Internet.
> >
> > To do that we need to sign our applets.  I just checked at Verisign
> > and find they sell a code-signing cert:
> >
> > > VeriSign SSL Certs:
> > > Price: 3-Year Certificate:  $2,480
> > > Price: 2-Year Certificate:  $1,790
> > > Price: 1-Year Certificate:  $995
> > >
> > > Verisign Code Signing:
> > > 3-Year $431/year
> > > 2-Year $447/year
> > > 1-Year $499/year
> >
> > Since this is a pilot I want to get by as cheaply as I can.
> >
> > I know for the SSL cert. I can self generate for free and not have a
> > well known cert like the above.  (We currently do this with Tomcat).
> >
> > Does anyone know how the Java Appliet code signing works?  Can I self
> > sign?  If not, can I get by with just the $499 Code Signing cert, or
> > do I have to have both a SSL Cert and a Code Signing cert from the
> > same source.
> >
> > Also, if I have to have a 3rd party cert. who is the cheapest place to
> > get it from.  Surely not Verisign.
> >
> > Thanks
> > Greg
> > --
> > Greg Freemyer
> > The Norcross Group
> > Forensics for the 21st Century
> > _______________________________________________
> > Ale mailing list
> > Ale at ale.org
> > http://www.ale.org/mailman/listinfo/ale
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale
>


--
Greg Freemyer
The Norcross Group
Forensics for the 21st Century



More information about the Ale mailing list