Hi, On Wed, 2006-03-08 at 12:03 -0500, Thomas Fitzsimmons wrote: > Hi, > > On Mon, 2006-03-06 at 18:46 +0100, Philippe Laporte wrote: > > > >>- Why is the security not finished? No one seriously using this plugin > > >>yet? Why not? > > [...] > > > Do you have a schedule/roadmap/timeline for this to be completed? > > Here is the tracking PR for GNU Classpath's security implementation: > > http://gcc.gnu.org/bugzilla/show_bug.cgi?id=13603 > > Gary Benson is currently writing a test suite for class library > SecurityManager calls and adding these calls where necessary: > > http://gcc.gnu.org/bugzilla/show_bug.cgi?id=21891 > > but this is only one of the tasks blocking PR 13603. > > With a concerted effort I believe we could have gcjwebplugin ready for > beta testing in six months. > > [...] > > > What are these really missing features and how essential are they? > > The main missing feature in gcjwebplugin is support for signed jars. > Like security, we're missing infrastructure in this area but Casey > Marshall is actively filling it in. I don't have a timeline for this > work. I've reviewed the outstanding PRs on this. There was lots of activity in April/Eraly May around the WebPlugin, but as far as Security is concerned, the class lib seems not to have been touched, and so I guess none of these PRs have been updated. Appearances apart, what is the current situation on signed jars, missing security implementation here and there and the security audit? Has a timeline been worked out in the mean-time? Is someone in particular interested? Is Security seen as vital for running Applets, in the usage contexts currently being addressed? Thanks a lot, -- Philippe Laporte
