Sunday, July 21, 2013

Re: [android-developers] Recover Certificate from APK

On Mon, Jul 22, 2013 at 1:08 PM, Ted Hopp <ted.hopp@gmail.com> wrote:
> On Thursday, June 14, 2012 12:43:51 PM UTC-4, Dianne Hackborn wrote:
>>
>> The platform has an app signed with a cert. If you want to install an
>> update to that app under a different cert, how could the platform trust that
>> this is actually coming from the author who owns the original cert without
>> the new app also being signed in some way with the original cert? Note that
>> we don't use certificate authorities, so there is no root cert or such to go
>> back to, to try to verify some relationship between two certs. Because we
>> use self-signing, you are ultimately the CA, and have responsibility for the
>> certs you generate.

Technically, yes (cf. bridge certificates, etc.). Android however doesn't really
understand X.509 certificates as such: it performs binary comparison on the
DER encoded certificate blob to check whether the signer is the same or
different, that's it. This is pretty central to the whole package management
/security model, so a very big part of the core OS will need to be re-written.
Thus, not likely to happen anytime soon.
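An added example, not from the thread: a standard-library-only Python check that mimics the v1 (JAR-signature) signer test described above, pulling the certificate's DER out of META-INF/*.RSA and comparing the raw bytes. The sample packages and certificate blobs below are constructed placeholders (not real X.509 or signed APKs), and only the single-certificate SignedData layout is handled.

```python
import io
from zipfile import ZipFile

def tlv(buf, pos):
    """Decode one DER TLV at pos: (tag, value, position after it)."""
    tag, ln, pos = buf[pos], buf[pos + 1], pos + 2
    if ln & 0x80:                                    # long-form length
        n = ln & 0x7F
        ln, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + ln], pos + ln

def signer_cert_der(pkcs7):
    """Raw DER of the first certificate in a PKCS#7 SignedData blob (META-INF/*.RSA)."""
    _, content_info, _ = tlv(pkcs7, 0)               # ContentInfo SEQUENCE
    _, _oid, p = tlv(content_info, 0)                # contentType = signedData
    _, signed_data, _ = tlv(tlv(content_info, p)[1], 0)  # [0] EXPLICIT -> SignedData
    p = 0
    for _ in range(3):                               # version, digestAlgorithms, encapContentInfo
        _, _, p = tlv(signed_data, p)
    tag, certs, _ = tlv(signed_data, p)              # [0] IMPLICIT certificates
    if tag != 0xA0:
        raise ValueError("SignedData carries no certificates")
    return certs[:tlv(certs, 0)[2]]                  # first Certificate, whole TLV

def apk_signer_cert(apk_bytes):
    with ZipFile(io.BytesIO(apk_bytes)) as z:
        sig = next(n for n in z.namelist()
                   if n.startswith("META-INF/") and n.endswith((".RSA", ".DSA", ".EC")))
        return signer_cert_der(z.read(sig))

def same_signer(apk_a, apk_b):
    """What the platform checks: byte equality of the DER blobs, nothing X.509-aware."""
    return apk_signer_cert(apk_a) == apk_signer_cert(apk_b)

def der(tag, body):                                  # short-form lengths only (enough here)
    return bytes([tag, len(body)]) + body

def fake_apk(cert_der):
    """Constructed stand-in: a zip whose META-INF/CERT.RSA wraps cert_der in SignedData layout."""
    signed = der(0x30, der(0x02, b"\x01") + der(0x31, b"") + der(0x30, b"")
                 + der(0xA0, cert_der) + der(0x31, b""))
    pkcs7 = der(0x30, der(0x06, bytes.fromhex("2A864886F70D010702")) + der(0xA0, signed))
    buf = io.BytesIO()
    with ZipFile(buf, "w") as z:
        z.writestr("META-INF/CERT.RSA", pkcs7)
    return buf.getvalue()

CERT_A = der(0x30, der(0x02, b"\x01") + b"same-key-material")  # placeholder, not real X.509
CERT_B = der(0x30, der(0x02, b"\x02") + b"same-key-material")  # re-issued: one byte differs
```

Because the check is plain byte equality, `same_signer(fake_apk(CERT_A), fake_apk(CERT_B))` is False even though the two placeholder certificates differ in a single byte, which is exactly why a re-issued certificate is a different signer to the platform.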
