Registration Engineering Specification

RFE:   4504750 Improve usability of Plug-in security warning dialog box

Author:  Dennis Gu
Date: 24 April 2002


1 Project Description

1.1 Overview

When the Java Plugin 1.3 or 1.4 encounters a certificate in a JAR file signature that it does not recognize, it pops up a "Java Plug-in Security Warning" dialog. The dialog display a lot of information about the certificate. It is very important for the user to understand this dialog box and the information inside dialog box. If the user responds incorrectly, they could be granting full permissions to malicious code. We decide to make this dialog as clear as possible.

Here are the items we have changed for this RFE:
1. The options "Grant Session" and "Deny" has been changed to the "Yes" and "No" buttons. Because "Do you want trust ..." is a yes or no question.

2. The questions in the dialog box will be
"Do you want to trust the signed applet distributed by ... ?"

3. Click on "More Details" button will pop up a certificate dialog box. This dialog box has detail information about the certificate which signed this applet.

1.2 Project Dependencies

N/A

1.3 OS and Browser Compatibility and Interpretability

This feature will be available on all platforms and browsers.

1.4 Performance and Scalability

Performance should not be a gating factor, since we only change the UI of this security dialog box.

1.5 Security

This is related to the security dialog box. The changes will make the user clearly understand what they are trying to do.

1.6 Internationalization (I18N) / Localization (L10N)

The text in the security dialog box will be internationalized and localized.

1.7 Packaging

The way the solution is to be delivered should be simple.

1.8 Usability

N/A

1.9 Quality

1.9.1 Unit or Functional Tests to be Delivered

1.9.2 Additional Testing Notes



2 Technical Description

2.1 Architecture

All the changes are based on the existed architecture to display the dialog box, which is in the DialogFactory.java. Some resource file has been changed to display the new texts and button names in the security dialog box. We also redesign the Certificate dialog using Swing to make it looks better. The font of the text in the security dialog box has been changed too.

2.2 Exported Interfaces/API

N/A

2.3 Imported Interfaces/API

N/A

2.4 User Interface



3 Marketing

3.1 Justification

3.2 Customer Request

3.3 Competitive Analysis



4 Management and Planning

4.1 Scope/Priority

4.2 Target Release

4.3 Resources

4.3.1 Development

4.3.2 Quality Assurance/Testing

4.3.3 Documentation

4.3.4 Technical Support

4.3.4 Special Hardware/Software

4.4 Schedule

Start Date End Date Activity Owner Status
 04.18.2002    Initial draft  dgu  started
         
Complete Started Not Started Difficulties Trouble


Appendices (as needed, suggestions below)

A. Background Information

B. Interface Specifications

C. Notes and Additional Details

D. Miscellaneous

E. Tracking

E.1 Final Webrev

E.2 Bugtraq
Bugid P S Subcategory Type Engineer Synopsis
 4504750  3  4  plugin  RFE  Dennis Gu  Improve usability of plug-in security warning dialog



Revision History

Date Version Author Description
 04.24.2002 0.1  dgu  Initial draft