One lesson we learned from the implementations of both name space management and extended stack introspection is that language based protection can be implemented on top of a type-safe language without diverging much from the original specification of that language. For both name space management and stack introspection, old applets, those written against the original Java API and unaware of the new security mechanisms, will continue to run unmodified in browsers equipped with the new authorization scheme. As long as they only use features allowed by the traditional sandbox security policy, they will notice no difference.
A notable exception are capability systems. As mentioned in section 4.1, a capability system would require a new library API and thus completely break compatibility with traditional Java APIs.