Hi Dan, Thanks for the explanation. At this point, I really believe that Mozilla needs to provide a link pointing to this explanation as well as a link to a ticket with Oracle. The issue that makes makes me so frustrated (and I'm guessing others like me who've read this thread) is the lack of communication and transparency from Mozilla. Yours is the first explanation that I've seen that describes the problem. I still believe that a difficult for average users to implement work-around would be an additional benefit, but given this explanation, I can at least understand why one doesn't exist.
I'm not a proponent of Oracle, but the way this appears to the techie outsiders is that Mozilla is the bad guy. The mere fact that some posters left Firefox for other browsers (even if they're exaggerating or bluffing), means that it hasn't been handled well from a PR perspective. The issue looks bigger than it is merely due the lack of transparency. Thanks ​ for your time and understanding​ , Eric On Wed, Jun 3, 2015 at 10:53 AM, Daniel Veditz <dved...@mozilla.com> wrote: > The Java Deployment Kit can be used to force the use of a down-rev > vulnerable version of Java if it's installed and even prompt for its > installation (which a large number of users will fall for, even if a small > percent). It's an enterprise feature and an enterprise-managed deployment > of Firefox can serve their own blocklist. On the consumer web applets > should work in the latest security-fixed versions of Java. If they are so > large that won't work then they are applications, not applets, and should > have the user install them as they would any other executable. > > -Dan Veditz > _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
