Re: [cryptography] How are expired code-signing certs revoked?

[Jeffrey Walton]

On Fri, Dec 9, 2011 at 6:00 PM, Nico Williams <n...@cryptonector.com> wrote:
> On Fri, Dec 9, 2011 at 4:41 PM, Jeffrey Walton <noloa...@gmail.com> wrote:
>>> This strengthens the argument for digital signatures as a means of
>>> providing upgrade continuity and related application grouping /
>>> isolation, as in the Android model.  No need for a PKI then, no need
>>> to pay for certificates.
>> Android also make the application a security principal for resource
>> sharing (its a smarter walled garden approach). Its an awesome
>> approach, especially when compared to Windows and *nix where sharing
>> is generally based upon a login context and enforced through DACLs.
>
> That's what I meant by "isolation" :)
Gotcha - my bad.
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography