Our security information for sign-me applets
This section provides answers to frequently asked questions regarding the security settings of the sign-me applet.
Frequently asked questions
Which security settings exist for Java?
During loading, sign-me uses an applet in order to perform transparent eID communication and signature PIN setting. This means that it is necessary to install the latest version of Java (this is automatically checked when the sign-me website is accessed) and an activated Java plug-in that matches the browser (32 or 64 bits). In order to boost Java security, we recommend that you make the following security settings for Java (Fig. 1):
Fig. 1 - Security settings
To access the Java security Settings under Windows, please click:
- Start / Control Panel / Java, or
- Start / Control Panel / Programs / Java
Now click the 'Advanced' tab and make the security settings shown in the Illustration.
How is the integrity of the sign-me applets warranted?
In order to warrant the integrity of applets during execution, these must be digitally signed by the applet manufacturer. We recommend that you check the following before agreeing to applets being executed:
- Is the website accessed SSL-encrpyted (e.g. https://live.esign-service.de)?
- Is intarsys consulting GmbH the author/originator of the applet?
- Is 'Sign Live! CC cloud suite' the name of the application?
- Was it possible to successfully verify the signature?
sign-me applet execution
The 'More information' section provides further details of the code-signing certificate. The certificate information must appear as shown below (Fig. 2):