Why should I sign my JAR files?

Question

Why should I sign my JAR files?

I know that I need to sign my client-side JAR files (containing Applets) so that special things like filesystem access can be done, a

Answer 1

In terms of applets: From 6u10, the Sun JRE replace the warning banner with less obtrusive (from 6u12, IIRC) warning triangle (necessary to support shaped and transparent windows). 6u10 also allows controlled file access through the JNLP services API.

The principle of least privilege says that you should not sign the classes of your jar files. Security is not necessarily easy.

Simply showing a certificate dialog box should not be construed to mean that the entire contents of a web page is to be trusted.