Wednesday, October 9, 2013

Does pclient.main.ChatClient mean ParaChat?

ParaChat has offered a signed, or trusted, Java chat applet option to its customers for many years.  As of October 2013, the signed Java chat applet is the default Java.  If a customer has embedded the Java chat room code in their web page using the "applet" tag, users will see the following dialog display when the chat room loads:


To allow the signed Java chat applet to load, click the Run button.  So the dialog does not display during subsequent visits, check the "Do not show this again for apps from this publisher and location above" check box.  However, users may be reluctant to run or trust the application if its name is pclient.main.ChatClient instead of something more familiar like ParaChat.  To ease the potential reluctance of users to trust the ParaChat application, we recommend the following:

1.  Log into your ParaChat service administration area to retrieve the latest room code.  Replace the Java applet room code embedded in your web page with the latest room code you retrieved from your administration area.  Once the room code has been replaced, users will see Name: ParaChat instead, which a user may be more inclined to trust:

ParaChat Signed

2.  If you are unable to change the room code as referenced in #1 above, you may change
pclient.main.ChatClient.class in the Java applet room code in your web page to say ParaChat.class instead.

The signed ParaChat Java applet has a signature that a web browser may verify through a remotely running, independent certificate authority server. Producing this signature involves specialized tools and interaction with the certificate authority server maintainers themselves. Once the signature is verified by the certificate authority server, and the end-user also approves, a signed Java applet can get more rights, becoming equivalent to an ordinary standalone program. This approach allows Java applets to be used for many tasks that are otherwise not possible by client-side scripting. However, this approach requires more responsibility from the end-user because they have to decide whom they trust.

No comments:

Post a Comment