Java In Netscape Communicator
This week our focus changes, momentarily, from Sun to Netscape, as Netscape's plans for the fourth major release of its ever-popular Web browser (called Netscape Communicator) continue to unfold.The reasons for keeping an eye on this are obvious: While some may be hesitant to say it too loudly, Java would be little more than a curiosity for most Internet users without Netscape's continued patronage. It was widespread Web browser support of the Java standard (even if only in part; Web browsers are primarily interested in Java for its secure and portable applet functionality) that made it a major force in the Internet community, and it will be the continued support of Web browser developers that keep it that way--at least for the moment.
Of course it's a symbiotic relationship. Netscape (as well as major competitor Microsoft) needs the Java functionality as much as Java needs its support. Java, probably more than any other recent development in the Internet community, represents a significant step in the evolution of Web pages--from first-generation HTML to the new, supermodern, interactive medium that's been so much prophesied in fiction and media.
In suitable regard for this relationship, Netscape has expended tremendous effort in developing and integrating a major portion of the Java package into its product. From the outset it's been inseparable from the distribution release, despite its considerable size. Other competitors, such as Macromedia's Shockwave and Progressive Networks' RealAudio, have had to politely force users to download their products separately as Netscape plug-ins before use.
We were hopefully expectant of timely support from Netscape for the new version of the JDK (with its host of new features), and we're gratified to see that Netscape claims to be updating its support of Java to be current with the JDK version 1.1 in its next release--Netscape Communicator.
Additionally, Netscape is claiming to offer a far more comprehensive approach to applet security, applying the newly developed security enhancements we've spoken about in version 1.1 to create a "Signed Object" security scheme, which it claims has been developed under the advisement of a team from Princeton. We presume these are the same people who've been providing such excellent scrutiny of the Java security system thus far.
Details are sketchy at best. A liberal reading of Netscape's product marketing indicates full support of the new Java standard in the final "Navigator 4.0" release, augmented with the improved security model. Estimates change; we don't even look at what Netscape is claiming, but conservatively guess we'll be seeing this product finishing its run in public beta and going live within the next four to six months, or potentially much sooner.
We've already talked about many of the cool developments occurring within the new Java standard--just check out our previous issues for this year. The news today is what Netscape plans to add--although details about this are weak as well. Again, from what can be culled from public sources at Netscape, there will apparently be a new, comprehensive, flexible security scheme in place that can allow different Java applets different degrees of trust, codified in "access levels."
The new scheme is buttressed by Java's new capability for digital signing; we daresay this is the first really sensible one that's been seriously attempted. Until now we've had ActiveX's frankly irresponsible approach of giving ActiveX Objects access to everything or nothing, depending on whether a user trusts his or her digital signatures and Java's more sensible but less powerful "universally restrictive" applet behavior under Netscape.
Now, hopefully, users will have both the ability to verify the authors and authenticity of their Java products and the backing of the already fairly robust Java security system. Perhaps, more importantly, it will now be possible for applet designers to write applets capable of using the Java system to its fullest potential: Netscape users will theoretically have the power to grant access for our applets to connect to other hosts besides their home Web server via network, or to read and write to their host computer's disks, and so forth.
While Java has always had the flexibility to make this possible in its security framework, Netscape's current offerings have been (perhaps sensibly) deficient in allowing any departure from the highly conservative default security system.
We'll certainly be keeping an eye on Netscape's progress in the coming weeks, and will keep you informed of additional developments here as we become aware of them. Tune in next week for more.
