[Gcjwebplugin-devel] Re: NSAPI/ OJI/ Applet plugin

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

On Wed, 2006-03-08 at 12:03 -0500, Thomas Fitzsimmons wrote:
> Hi,
> 
> On Mon, 2006-03-06 at 18:46 +0100, Philippe Laporte wrote:
> 
> > >>- Why is the security not finished? No one seriously using this plugin 
> > >>yet? Why not?
> 
> [...]
> 
> > Do you have a schedule/roadmap/timeline for this to be completed?
> 
> Here is the tracking PR for GNU Classpath's security implementation:
> 
> http://gcc.gnu.org/bugzilla/show_bug.cgi?id=13603
> 
> Gary Benson is currently writing a test suite for class library
> SecurityManager calls and adding these calls where necessary:
> 
> http://gcc.gnu.org/bugzilla/show_bug.cgi?id=21891
> 
> but this is only one of the tasks blocking PR 13603.
> 
> With a concerted effort I believe we could have gcjwebplugin ready for
> beta testing in six months.
> 
> [...]
> 
> > What are these really missing features and how essential are they?
> 
> The main missing feature in gcjwebplugin is support for signed jars.
> Like security, we're missing infrastructure in this area but Casey
> Marshall is actively filling it in.  I don't have a timeline for this
> work.

I've reviewed the outstanding PRs on this.

There was lots of activity in April/Eraly May around the WebPlugin, but
as far as Security is concerned, the class lib seems not to have been
touched, and so I guess none of these PRs have been updated.

Appearances apart, what is the current situation on signed jars, missing
security implementation here and there and the security audit? Has a
timeline been worked out in the mean-time? Is someone in particular
interested?

Is Security seen as vital for running Applets, in the usage contexts
currently being addressed?

Thanks a lot,
-- 
Philippe Laporte




[Index of Archives]     [Linux Kernel]     [Linux Cryptography]     [Fedora]     [Fedora Directory]     [Red Hat Development]

  Powered by Linux