Versions Compared

Comment: added exception for signed applets

...

ENV00-EX1: An organization that has an internal PKI and uses code signing for internal development activities (such as facilitating code check-in and tracking developer activity) may sign unprivileged code. This code base should not be carried forward to a production environment. The keys used for internal signing must be distinct from those used to sign externally available code.

ENV00-EX2: Oracle has deprecated the use of unsigned applets, and will cease to support them soon. Applets that are signed have traditionally been run with full privileges. Since Java 1.7.0 update 25, Oracle has provided mechanisms to allow applets to be signed, and yet run without full permissions. This enables applets that are today unsigned to continue to run in a security sandbox, despite being signed. Signing an applet that runs with restricted privileges under versions of Java at least as recent as update 25 constitutes an exception to this rule. For more information consult the Signed Java Applet Security Improvements on the CERT/CC blog.

Risk Assessment

Signing unprivileged code violates the principle of least privilege because it can circumvent security restrictions defined by the security policies of applets and JNLP applications, for example.
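
Review bot: In ENV00-EX2, "versions of Java at least as recent as update 25" drops the release it belongs to; repeat "Java 1.7.0 update 25" from the earlier sentence so the scope of the exception is unambiguous. "Will cease to support them soon" will date quickly, so give a release or date if one is known. The exception also refers to "mechanisms" without naming them or saying how a reader confirms that a signed applet actually runs in the sandbox; name the mechanism and link the CERT/CC blog post rather than only citing its title. Finally, the Risk Assessment sentence still states without qualification that signing unprivileged code violates least privilege; a cross-reference to ENV00-EX2 there would keep the two passages from reading as contradictory.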

...