Depending on the browser used, 3 choices are possible
with Java security and authentication. All 3 models depend on the use of
Digital Certificates for Daylight in an intranet setting and optionally
for user-based authentication in an internet setting.
-
With the HotJava browser from Sun, the built-in JDK 1.1 security
API can be used. HotJava runs on Sun and on Windows; however, it is
definitely not the most popular or fastest browser currently.
-
With Netscape, the NSAPI can be used to restrict or grant
different levels of security at both the server and client ends. Given
that Netscape is the most popular JDK 1.1 browser currently, we will most
probably use this API. While this will mean that we are restricting our
users to a model, we believe this will not be for long, since there will
eventually be a merger of security APIs. Given Netscape's reputation for
supporting their Java APIs (IFC) and that the NSAPI is currently the most
developed, this will lead to the fewest migration problems when the
eventual merger does occur.
-
At the time of writing this it is still unclear to me if
Microsoft plans to make Internet Explorer 4.0 JDK 1.1 compliant. However,
if they do so, it is still unclear if DCOM is a wise choice for security.
Given that DCOM locks us to a platform (or 2 since DCOM is available for
Solaris too now) it will not be the standard that we will use.
With reference to this fact, we would like to know your preferences
on browsers and if and how the security issue will affect your decisions.