> I don't know the answer to your first question but I suspect that it is NO. > However, why not use a key in KeyChain as wrapper for your own keys? > It is very hard creating a scheme that is as secure as KeyChain.
I might need to do it this way. But i need to create a certificate and the user needs to click through the installation process. And the certificate in the KeyChain can afaik only bei deleted through the user System settings -> security -> clear credentials. Which is a bit too much responsibility for the user as i think. And it will delete all installed credentials. If this isn't already implemented, it would be nice to have a user credential store like the KeyChain with more control (one time grant / always / revocation / ...). Don't you think? Best regards -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
