(Note: the certificates and private signature files are different from those for CAB files, which you need to get separately). cert7.db, key3.db and nscapec3.p12 files
This section describes the new security API introduced in Netscape Navigator 4.
In Netscape Navigator 4, signing an applet alone is not enough to enable it to escape the sandbox. The applet must also ask for - and be granted by the user - the specific capabilities it requires before it can use them. It does this by calling methods in the netscape.security package. These methods comprise Netscape's Capabilities API. More information is available from the Netscape developer library - http://developer.netscape.com/library/documentation/signedobj/capabilities.
In a typical case, an applet running in Navigator wishes to connect to an arbitrary host (not permitted in the sandbox), so it must first obtain the capability by calling PrivilegeManager.enablePrivilege("UniversalConnect"). This applies to all applets, including signed applets and applets running in the CLASSPATH.
Note: See http://developer.netscape.com/software/signedobj for more information about Netscape’s signed applet implementation.
Note: The zigbert tool is available at ftp://ftp1.netscape.com/private/signtool/zIgshIpme/zigship.zip.
Note: The Jar Packager is available at http://developer.netscape.com/software/signedobj/jarpkgr.zip.