We are primarily concerned with one goal of the security package: the ability to authenticate classes that have been loaded from the network. The components of the Java API that provide authentication may have other uses in other contexts (including within your own Java applications), but their primary goal is to allow a Java application (and the Java Plug-in) to load a class from the network and be assured of two things:

As we’ve seen, Java applications typically assume that all classes loaded over the network are untrusted classes, and these untrusted classes are generally given permissions consistent with that assumption. Classes that meet the above two criteria, however, need not necessarily be so constrained. If you walk into your local software store and buy a shrink-wrapped piece of software, you’re generally confident that the software will not contain viruses or anything else that’s harmful. This is part of the implied contract between a commercial software producer and a commercial software buyer. If you download code from that same software producer’s web site, you’re probably just as confident that the code you’re downloading is not harmful; perhaps it should be given the same access rights as the software you obtained from that company through a more traditional ...