When a p3d file is embedded in a web page, it can potentially start running as soon as a user visits the web page. This can be a big security problem for the user, if a malicious person installs malware in a p3d file. There needs to be a way for the user to prevent p3d files from running without his or her approval.

To solve this problem, Panda3D uses a certificate signing approach. Before you can put a p3d file on a web page, you must sign it with a special certificate that identifies you and only you. When the user visits your web page, and sees your signed p3d file, he or she will be shown your certificate, and given an opportunity to approve it.

Once the user approves your certificate, the application will be allowed to run. (And this application, and all other applications signed by the same certificate, will also run automatically in the future without further approval.)