5 Significant Java Security Improvements That Foil Attacks


3. Oracle Turns On Java Certificate Revocation Services

Oracle said it will make it easier to revoke the digital certificates of signed applets by enabling standardized revocation services by default. Signed applets will be checked against Certificate Revocation Lists or the Online Certificate Status Protocol each time they run. The functionality to inspect the chain of trust has been available but turned off by default because of performance issues. Oracle said it also improved its blacklisting functionality to allow daily updates for both blacklisted Java archive files and certificates.