Talk:Java Security Domains
Featured article, February 15th 2010 (week 8)
What Nokia devices are support 2.0.1 security policy ?
Hartti: There are minor differences to the MIDP 2.0.1 API access settings on all Nokia phones (at least I am not aware of any exact match)
joachim.richter: The document talks mostly about MIDP. What about CLDC alone?
Hartti: The security domain policy was introduced in MIDP 2.0. MIDP 1.0 does not have anything like that (well, in real life MIDP 1.0 MIDlets are so powerless that they cannot do much "harm"). CLDC alone is not very useful as there are no UI for example defined in CLDC, it always requires a profile on top of it. MIDP is the profile for mobile phones and hence the security domain policy is only relevant from MIDP perspective
Does this clarify the situation at all, or only confuse you more?
joachim.richter: Well, it seems that security domain policy is an MIDP issue, maybe only on Nokia/Symbian phones. But CLDC alone can open/close connections (javax.microedition.io.Connector), maybe even locally ("file://..."). Is the involved security handled by granting platform capabilities? If so, do I have to deploy CLDC .jar files with .SIS containers?
Hartti: The MIDP security policy is implemented (in different ways) on all MIDP 2 phones. So it affects all such phones. Some of them have even more restrictions in place than Nokia phones. There are even some really restricted operator branded phones. CLDC alone is not useful as there are no application lifecycle methods - those are all part of MIDP. The Jave ME VM will only run MIDlets on the phone, there is no such thing as standalone CLDC libraries.
Hi I hope you can help me
I am trying to access the following website on my phone
I am being told that I need to download Java before access.
How do I get Java for Nokia E65
Hartti: You cannot run browser Java applets on mobile phones. Unfortunately.
Does that mean I also can't do internet banking on nokia E65?
Hartti: If your online banking solution requires running Applets, then the answer is no. However there are online banking solutions from many banks which can be used with mobile devices. Depends on the bank.
Tushar (tgkprog): I just spent 14 hours over 3 days getting a Thawte cert only to find out that though most phones (including my Nokia 5300, 3110c and customers other hand sets do not have Thawte premium root certificate (meaning its useless for java midlets) need to use the more expensive Verisign. they say they pass the info on to Verisign as its the same co now! fingers crossed.
now real question/ suggestion : cant nokia publish what are the phones and what are the premium certificates on each? now when I go on my phones Menu/ Settings/ security settings - Authority Certificates I can see when I open the Thawte one that its not he premium one. The technical person at Thawte told me that's what we need. and I can see that there are two verisign certificates and one does say its the Class 3 Primary - that's the one we need.
Hartti: Thanks for the suggestion. Currently we do not have that kind of information available. Unfortunately