Signed Scripts (cont’d)

• Scripts are signed using Netscape’s Signing Tool (signtool), a command-line utility that creates digital signatures for Java class files, JavaScript scripts, plugins, etc.

• Scripts may be served from a secure (SSL) server, in which case they’re treated as if signed with the public key of that server

• Users retain the right to deny the privileges requested by the signed script

  • As in Java, you are asked whether to allow a given type of operation with an option to “remember this decision”

Previous slide

Next slide

Back to first slide

View graphic version