I'd disagree here,actually.
The question posed is not "do you trust this application" but "do you trust this application provider." Thats why each provider has a unique certificate, not each app.
Yes, I see your point, and it makes sense to use the provider level of granularity from a security standpoint.. I guess it still stands that this bug of allowing more priviledges than you initially agreed is not right though.
I also think the idea of not accepting upgrades is entirely different from that of security. I don't trust a single one of you to give me code that has no bugs
- but I routinely accept the self signed Web Start apps that are posted. I trust you guys enough that I believe you will not be malicious.. but if I have a program that is working just fine for me, I don't necessarily want to jump straight to the next version. I like that Web Start gives me that ability to stay up to date - I don't like that it forces the latest version on me, with no option of going back.
I believe that is a design flaw in the current Web Start client. The JNLP in general appears to be fine. If the client kept the last version in the cache so I could step back it would be great. Hmm. I smell a RFE brewing...