This project has retired. For details please refer to its Attic page.
Apache River - Web of trust

Web of trust

http://en.wikipedia.org/wiki/Web_of_trust

Gregg:

... Ultimately, Jini needs, in my opinion, to focus authentication above the network layer, and use signed jars, encrypted paths, and cert based auth, so that the network path, can not be a part of the exploitation, and instead, each end of a "communication", is responsible for trusting the other, through negotiations carried through the network, instead of using information about the network to guarantee trust. ...