Security is the prerequisite to mobility: Without security, most mobile technologies are unacceptably vulnerable to interception and man-in-the-middle attacks.
Security is the foundation of e-commerce: Without it, there can be no spontaneous formation of trust relationships among previously unknown parties, nor can there be guarantees of nonrepudiation of electronic transactions.
Security is the substrate of remotely administered systems and centrally managed code: Without it, all such mechanisms are unacceptable risks."
As I mentioned earlier today (see my reference to Dave Winer's "Scripting News" mention of web services), SECURITY is the foundation for much of the value-based IT work in BigCos. Without it, there's always a question about the validity or reliability of the information obtained from the service. I expect that Gosling's comments were more directed at this type of deployment than at the work done at Userland and its peers.
Addendum to my earlier post on BigCos delivering Radio-like ease-of-use for web services -- Mosaic lacked the required security layers for value-based activities when it revolutionized the way people use the Internet; the security stuff came after it was clear that this thing would be BIG! I expect a similar sequence with web services-based platforms like Radio & Frontier; they'll pioneer the space, demonstrate the unmet need, and the security guys will jump on the bandwagon when it becomes clear they need to join up or get run over...