When registering an Android based "installed application" on the Google API console, it requests both the application package name and the signing certificate fingerprint. 1) Where can I find documentation describing the usage of this information?
2) In a recent post, Tim Bray stated [ http://android-developers.blogspot.pt/2012/09/google-play-services-and-oauth-identity.html ] "... because some magic is happening. When your app is registered and you generate a token and send it to a service provider, the provider can check with Google, which will confirm that yes, it issued that token, and give the package name of the app it was issued to ..." Where can I find more infor about this "magic"? Thanks Pedro -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To view this discussion on the web visit https://groups.google.com/d/msg/android-security-discuss/-/4uAQw9jVZ60J. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
