Thanks for sharing this Sven.
Applets never took off except after the initial hype. The only applet I use nowadays is my bank website which uses an applet to authenticate users (besides the login/password). Like it or not, applets reached their "end of life" long time back.
When JWS was introduced, I was pretty excited, especially with the fact it could automagically grab and install the updates. Sadly, it did not find much use in the real world considering practically everyone is preferring a 'thin/web' client. And of course you now have the mobile clients. Overall things dont look good for conventional thick clients.
I suspect the self signed certs being not allowed could have more of a commercial reason behind them. I think one of the comments from the links you posted sums it nicely
Ridiculous that an applet will need signing only for running in sandbox!
Flash does not need that, Silverlight neither!
What is the reasoning behind it besides that Oracle cannot make the sandbox work reliably?
A lot of very useful unsigned applets (math, physics, etc.) are out there; and they will not run after 7u51 just because "programmers" at Oracle are not able / willing to do their duties?!
Who will use applets in the future, who will pay for a 1 year certificate 200-300$ (besides maybe the large gaming studios)?
Shame on you Oracle for killing such a good platform!
Over the years I have deployed many Applets and WebStart applications but I now only have one Applet and no WebStart applications still live. The Applet is 10 or so years old and is used to display data that I have found by research and users of the Applet have submitted; it most definitely runs within the Sandbox. I was thinking of updating the Applet but the changes to the security model mean I shall just withdraw it.
Oracle seem to have a basic misunderstanding of what signing an application/Applet does for security. Anyone can purchase from a CA a signed certificate but it does not prove they are trustworthy; it only attempts to prove that they are who they say they are and even then the checks made are pretty thin. Al Capone could have purchased one. A Mafia boss could purchase one. Osama bin Laden could have purchased one.
The new security model for Java will just be another nail in the coffin of Java based web application clients.
Joined: Sep 03, 2008
Maneesh Godbole wrote:
Like it or not, applets reached their "end of life" long time back.
Well, I wouldn't go that far. I agree that applets "never took off", but there is obviously still some need for RIAs that require more reliability/memory/performance than an AJAX-Framework can provide. And even if applets never reached the popularity they deserved(!) I believe they will never really die as well. Even this forum still offers "Applets" as a category that has its visitors (e.g. you and me)
But I really think somewhere on the way something went terribly wrong, now that everyones first appoach to RIA is using HTML/CSS/AJAX ... with HTML5 as the latest consequence of that development. Don't get me wrong: HTML5 is a good thing ... but still a result of a wrong market-development.
Applets will probably never reach the mobile market, but I really wish (but don't expect) some revplution would happen that provides a different, more solid (non-java?) solution for RIAs ... and no HTML-based patchwork that was developed because all the lemmings walked in the wrong direction.