The MIDP Specification version 1.0 constrained MIDlet suites to operate in a sandbox that prevented access to sensitive APIs and functions of the device. This model was useful for many applications, and is included and formalized in the MIDP Specification version 2.0.

A MIDlet suite compliant with MIDP 1.0 must be able to run on a MIDP 2.0 device as an untrusted MIDlet suite. An untrusted MIDlet suite is a MIDlet suite for which the origin and the integrity of the JAR cannot be reliably determined by the device. Untrusted MIDlet suites execute in a restricted environment where access to the protected APIs or functions is either not allowed or allowed only with explicit user permission. The restricted environment is the untrusted domain.

Table 18.1. APIs for which untrusted MIDlet suites require confirmation

API	Protocol
javax.microedition.io.HttpConnection	HTTP
javax.microedition.io.HttpsConnection	HTTPS