If a user encounters signed code, chances are that the code requires more than appropriate privileges to carry out its operations. It is in the interest of the user users to verify the authenticity and integrity of the artifacts that they wish to deploy. Although it is usually a bad idea to sign code, some actions necessitate this step. For example, if the application needs to establish an http connection with an external host to download plugins or extensions, a vendor may provide signed code instead of having the user deal with complex security policies. Sometimes the policies themselves reflect that only the code signed by the provider should execute with the granted privileges. Since executing signed code can be extremely dangerous, verifying authenticity of origin is of utmost importance. Users are most often not the best judges of what code is safe to execute and what constitutes malicious code. Therefore it is necessary to programmatically verify signed code in the absence of a default security manager mechanism.
...