On 6/07/12 16:14 PM, Anders Rundgren wrote:
On 2012-07-06 01:51, Robert Relyea wrote:
I've gotten NSS to build and mostly run the tests for Android.
Cool!
There are
still a number of tests failing, so the work isn't all done, but it was
a good point to snapshot what I had.
How does this compare/interact with Android's built-in key-store?
I'm personally unconvinced that security subsystems running in the
application's/user's own security context represent the future since
they don't facilitate application-based access control unless each
application does its own enrollment.
The way I see this is that security subsystems running in the app/user's
own security context is sub optimal for development cost purposes. And,
running in the platform's security context is sub optimal for security
motives.
Where the sweet spot is tends to vary and isn't really a universally
answerable question.
iang
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
