Thanks for your reply. I agree with you about the security concerns. The reason I brought this up was I ran across a self signed applet that somehow defaulted the always allow to checked (you still had to initially select allow or deny). I couldnt figure out how they did this.
We are about to deploy this to 500+ customers and trying to communcate this to users can sometimes be hard.
Again thanks!