Name: nt126004 Date: 06/09/2003
A DESCRIPTION OF THE REQUEST :
JWS is missing a SocketService that works the same way the PersistenceService, PrintService, ClipboardService, etc.. work.
JUSTIFICATION :
There is a clear need to interoperate with and leverage existing corporate services. Currently secure Java applications (unsigned) are unable to interoperate with existing corporate services solely because of a lack of a SocketService. Examples of Java's inability to interoperate:
1. Web Services (SOAP)
2. WebDAV
3. Access to financial systems (ACCPAC, QuickBooks, etc... which use TCP/XML to communicate)
Signing applications is a step backwards to the virus and spyware ridden world of the 1990's. A SocketService gives the user total control over when a TCP connection is made and where it is made to. I believe that this is the last missing service and that fine-grained security manager would be unnecessary if a SocketService were available.
I have written a short paper on why signing applications is a non-starter here:
http://www.scheduleworld.com/itsYourLife.html
Running unsigned applications is the perfect secure system and a special edge that .NET does not have.
However, obviously the inability to work together with other services over the network (doesn't McNealy state the N in SUN stands for Network?) is a serious oversight. Please correct it.
Thank you.
(Review ID: 187392)
======================================================================