Janis, thank you for the reply. Good to know that we don't have to use Google root CA for CTS test. Our platform doesn't allow application installation from Google Playstore, which means all the Apps are controlled and signed by ourselves. Can I assume that in this case these Apps can also use our own cert-chain for Keymaster authority check?
On Tuesday, October 23, 2018 at 11:18:26 AM UTC-7, Janis wrote: > > Hi, > > CTS and VTS test do not check the origin of the root CA. So you can pass > these tests with a certificate chain rooted in a self signed CA. Once you > passed CTS and VTS you can get the Google signed keys. Please reach out to > your technical account manager at Google for the right process. > > With kind regards, > Janis > > On Wednesday, October 17, 2018 at 5:51:53 PM UTC-7, [email protected] wrote: >> >> Get information from QCOM datasheet "Attestation key provision is >> mandatory on new android O release, customer need do key attestation >> before the CTS/VTS test. ", however, the information from Google is we >> have to pass CTS before applying key attestation. >> Which one is correct? Which department should we reach to to apply the >> attestation key? >> > -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. Visit this group at https://groups.google.com/group/android-security-discuss. For more options, visit https://groups.google.com/d/optout.
