p. 392: In the third paragraph, jre/lib/ext/security/java.security should be jre/lib/security/java.security. That is, delete ext/ from the path.
p. 392: In the second to last paragraph, java.policy should be java.security.
p. 399: SSL_RSA_WITH_RC4_128_SHA uses 128-bit keys, not 40-bit keys.
In Example 12-2, I neglected to actually use the
algorithm constant I defined. The code still works but it should be changed as follows:
public final static String algorithm = "SSLv3";
public final static String algorithm = "SSL";
SSLContext context = SSLContext.getInstance("SSL");
SSLContext context = SSLContext.getInstance(algorithm);