The LWJGL jars are properly signed, but with a certificate from the Oddlabs org.
You have probably at some point already accepted this certificate. New users
coming to a jPCT site in the field don't have that certificate accepted, and will
get a security warning. Notice the LWJGL documentation says:
"Upon release of LWJGL 1.0, we will provide proper signed packages so that
any user can run applets without having to invest in a CERTIFICATE."
The certificate is what is used to sign the jar. The security warning is what
is used to prompt the user to accept the certificate as valid.
What they mean is that developers can write applets and run them without
having to buy a certificate to sign their jars. What they leave out is that you
will need to accept their certificate on your machine. This is not a problem for
most developers, but for users in the field it is an issue.
One way that I use to test my applets is to make a trip to the Apple Store. When
running under JoGL, no certificate is prompted for, when running under LWJGL,
a certificate is prompted for.
One way to see what I am saying would be for you to remove all of your
certificates, except the default Sun Microsystems certificates. These
can be removed from the certificate store via
the java control panel.
Your machine should now have only the certificates that a fresh install of
Java will have. So now run the JoGL applet demo at:
https://jogl-demos.dev.java.net/applettest.htmlAfter that run the LWJGL applet demo at:
http://lwjgl.org/appletYou will see that only the LWJGL applet will prompt for a security clearance.