Below are the basic facts regarding applet security and Java Plug-in. More detail can be found in the next chapter, How RSA Signed Applet Verification Works in Java Plug-in.
usePolicyIS NOT DEFINED in the
java.policyfile, then a signed applet has the
usePolicyIS DEFINED, then a signed applet has only the permissions defined in
java.policyand no prompting occurs.
Moreover, note that Java Plug-in now handles certificate management; i.e., the certificate verification task is no longer passed off to the browser.