This Java applet simply reads the browser Java environment java.class.path
System property, and parses the string using the ";" token for Windows platforms.
The individual
classpath components are displayed separately for easy reading.
Since reading the system classpath is a "privileged" operation, the applet
must be digitally signed.
The applet runs using the Sun JVM via
JavaPlugin1.2.2 and has been tested with IE5 and Communicator 4.6.
How the Code was Signed
The JAR archive was
created and signed
using the Sun J2SE1.3 tools
jar.exe and jarsigner.exe, which are required to
generate RSA-based keys. [With RSA-signed code for Plugin1.2.2+, the
end user does not need to configure a policy file to enable an all/nothing
security dialog.] The RSA code-signing certificate
was generated with keytool.exe, exported as a PKCS#10
signing request, submitted to Entrust.net for cross-certification
with respect to Thawte, and reimported into the Sun keystore (.keystore).
The cross-certification information can be seen by
verifying the signed JAR archive with jarsigner.exe.
With cross-certification, an enterprise can maintain control over
certificate issuance and revocation, which offers better CA-resolution
transparency for CAs present in the commercial web-browsers.
When this applet is run and the client has JavaPlugin1.2.2 or 1.3.0, the
cryptoAPI root cert store is examined for the top (Thawte) issuing cert.
When the client has Plugin1.3.0_01, the Sun "cacerts" is checked for the
Thawte root CA cert, as seen in this
Netscape 6 applet panel region. Applet Source Code