摘要 |
A java implementation on an electronic device determines into which protection domain a downloaded java application belongs based on a root certificate to which the application was authenticated. The MIDP 2.0 specification says that manufacturer and trusted third party domain root certificates can exist on the device. If they both exist in the device there is no way presented in the specification how to distinguish them. So once the authentication is successful, the java implementation does not know into which domain the application belongs, because it does not know which root certificate is meant for the manufacturer domain and which root certificate is meant for the trusted third party domain. The invention discloses a solution in which at least one root certificate file attribute is used to determine whether the certificate is a manufacturer or trusted third party domain certificate. If the root certificate is read-only, the java application is assigned to the manufacturer domain.
|