A signed component may be obtained from a software vendor and then executed used by a variety of users. Normally, the principal executing the code is different from the one that signed the classes. To clarify the resulting distinctions, we introduce the the concept of a CodeExecutor to be the principal invoking a given service, and upon which authentication, delegation or access control can be based.