On Sat, Nov 26, 2011 at 5:46 PM, Dav <[email protected]> wrote: > Thanks for the reply. Then for pre ics devices will it be better if > such certificates stay on a webserver and be granted to be downloaded > to the user after authenticating him?
not sure you generally want these available all the time for someone to download for off line attack, but yes you could distribute them this way. > The certificate can then reside in the apps private file system and > installed in the private keystore? > it should just be in the apps private file system. There is no supported API for a private keystore. -bri -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
