Authentication

• The signed JAR file is the mechanism

• Enables the class loader to know definitively where the class came from, and if it has been tampered with.

• Does NOT imply that Java should trust all signed JAR files

• Does NOT protect the privacy of the information in the JAR file - for that you need encryption