31
MIDP 2.0 Security Model
attribute with this name. The value of each attribute is abase64 encoded certificate that will need to be decoded and parsed.
2.Validate the certification path using the basic validation process as described in RFC2459 using the protection domains as the source of the protection domain root certificates.
3.Bind the MIDlet suite to the corresponding protection domain that contains the protection domain root certificate that validated the first chain from signer to root.
4.Begin installation of MIDlet suite.
5.If attribute
The Table 29 describes actions performed upon completion of signer certificate verification:
|
|
Result | Action |
|
|
Attempted to validate <n> paths. No public keys of the issuer for the certificate can be found, or none of the certificate paths can be validated.
More than one full certification path is established and validated.
Only one certification path established and validated.
Authentication fails, JAR installation is not allowed.
Implementation proceeds with the signature verification using the first successfully verified certificate path for authentication and authorization.
Implementation proceeds with the signature verification.
Table 29 Actions performed upon completion of signer certificate verification
Verifying the MIDlet Suite JAR
The following are the steps taken to verify the MIDlet suite JAR:
1.Get the public key from the verified signer certificate.
2.Get the
3.Decode the attribute value from base64 yielding a PKCS #1 signature, and refer to RFC 2437 for more detail.
4.Use the signer’s public key, signature, and
5.Once the certificate, signature, and JAR have been verified, the MIDlet suite is known to be trusted and will be installed (authentication process will be performed during installation).
120
