A Java applet is used to digitally sign HTML form's data with client side certificates (smartcard, accessed via MS certstore).

We use AccessController.doPrivileged to get private key for signing, so we need the applet to be privileged.

The applet is signed, trusted, CRLs are checked as the applet is started.

Before executing the Liveconnect call an Allow/Dont-Allow window pops up.