Below are the basic facts regarding applet security and Java Plug-in. More detail can be found in the next chapter, How RSA Signed Applet Verification Works in Java Plug-in.
usePolicy IS NOT DEFINED
in the java.policy file, then a signed applet has the
AllPermission permission if:AllPermission permission. usePolicy IS DEFINED, then a signed applet has only
the permissions defined in java.policy and no prompting occurs.Moreover, note that Java Plug-in now handles certificate management; i.e., the certificate verification task is no longer passed off to the browser.