During a conversation with ###@###.###, an issue with unsigned Java Web Start applications came up. Apps which use the PrintService, FileSaveService, etc. pop up various security dialogs during the application's run. Even for unsigned applications, it would be a much better user experience if there were an option to remember these selections from run to run. We could use as a persistent key some sort of hash of the application (codebase, resources, etc.), similar to the class loader cache key used in the Java Plug-In, and remember any permanent acceptances of these dialog boxes. We might consider doing the same in the new Java Plug-In as well in the Applet2SecurityManager, though printing from unsigned applets is probably a more rare operation than printing from unsigned Java Web Start applications.
Note that this has a workaround, which is to sign the app, but we should try to encourage the principle of least privilege, as well as save independent developers money for signing certificates. (Self-signing is a bad practice which we should not encourage.)
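A sketch of the persistent key proposed above, as an added example that is not code from Java Web Start or the Java Plug-In. The class `RememberedDecisions`, its methods, the SHA-256 construction, the sample codebase URL and the in-memory map standing in for a per-user persistent store are all assumptions. Acceptance is remembered per service rather than for the whole application, and any change to a resource yields a new key, so the dialog appears again.

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.*;
public class RememberedDecisions {
    // In-memory stand-in (assumption) for a per-user persistent store: app key -> accepted services.
    private final Map<String, Set<String>> accepted = new HashMap<>();
    // Length-prefix each field so ("ab","c") and ("a","bc") cannot produce the same key.
    private static void feed(MessageDigest md, byte[] field) {
        md.update(ByteBuffer.allocate(4).putInt(field.length).array());
        md.update(field);
    }

    // Key = SHA-256 over the codebase plus every resource's name and content digest.
    static String appKey(String codebase, SortedMap<String, byte[]> resources)
            throws NoSuchAlgorithmException {
        MessageDigest md = MessageDigest.getInstance("SHA-256");
        feed(md, codebase.getBytes(StandardCharsets.UTF_8));
        for (Map.Entry<String, byte[]> r : resources.entrySet()) {
            feed(md, r.getKey().getBytes(StandardCharsets.UTF_8));
            feed(md, MessageDigest.getInstance("SHA-256").digest(r.getValue()));
        }
        StringBuilder hex = new StringBuilder();
        for (byte b : md.digest()) hex.append(String.format("%02x", b));
        return hex.toString();
    }

    // Called only when the user permanently accepts the dialog for one specific service.
    void remember(String key, String service) {
        accepted.computeIfAbsent(key, k -> new HashSet<>()).add(service);
    }

    // True means the dialog can be skipped; every other case still prompts.
    boolean isRemembered(String key, String service) {
        return accepted.getOrDefault(key, Collections.emptySet()).contains(service);
    }

    public static void main(String[] args) throws Exception {
        SortedMap<String, byte[]> jars = new TreeMap<>(); // constructed sample resources
        jars.put("app.jar", "version 1 bytes".getBytes(StandardCharsets.UTF_8));
        String v1 = appKey("http://example.invalid/app/", jars);
        RememberedDecisions store = new RememberedDecisions();
        store.remember(v1, "PrintService");
        jars.put("app.jar", "version 2 bytes".getBytes(StandardCharsets.UTF_8));
        String v2 = appKey("http://example.invalid/app/", jars); // modified jar, new key
        System.out.println(store.isRemembered(v1, "PrintService") + " "
                + store.isRemembered(v1, "FileSaveService") + " " + store.isRemembered(v2, "PrintService"));
    }
}
```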