Because the applet produces a digital signature from a cryptographic key on your... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		samuellb on Aug 31, 2012 \| parent \| context \| favorite \| on: Oracle knew about critical Java flaws since April Because the applet produces a digital signature from a cryptographic key on your hard drive. This is much more secure and scalable than sending the password, see [1] and [2]. An alternative solution would be to use an SSL client certificate[3] or the WebCrypto[4] API (still under development). [1] http://security.stackexchange.com/questions/3605/certificate... [2] http://en.wikipedia.org/wiki/Public-key_infrastructure [3] http://www.mozilla.org/projects/security/pki/psm/help_21/glo... [4] http://www.w3.org/2012/webcrypto/WebCryptoAPI/

Consider applying for YC's Summer 2026 batch! Applications are open till May 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact