P3
The change to require confirmation prior to running an unsigned applet (by default) makes sense in many respects.
That said, it doesn't make much sense if you have trusted sites which provide unsigned, but perfectly trustworthy applets.
We have many unsigned applets which are intentionally unsigned because they don't do out-of-the-sandbox operations. Where we need to do privileged operations we have a small signed jar that provides those operations, along with additional confirmations, etc.
I suspect customers will get rather annoyed by having to confirm execution of all unsigned applets. Has any consideration been given to allowing all applets from a given site or domain to be allowed without confirmation, e.g. everything from xxxx.com sites being allowed without confirmation.
That said, it doesn't make much sense if you have trusted sites which provide unsigned, but perfectly trustworthy applets.
We have many unsigned applets which are intentionally unsigned because they don't do out-of-the-sandbox operations. Where we need to do privileged operations we have a small signed jar that provides those operations, along with additional confirmations, etc.
I suspect customers will get rather annoyed by having to confirm execution of all unsigned applets. Has any consideration been given to allowing all applets from a given site or domain to be allowed without confirmation, e.g. everything from xxxx.com sites being allowed without confirmation.