On 2012-07-06 10:29, ianG wrote: > On 6/07/12 16:14 PM, Anders Rundgren wrote: >> On 2012-07-06 01:51, Robert Relyea wrote: >>> I've gotten NSS to build and mostly run the tests for Android. > > Cool! > > >>> There are >>> still a number of tests failing, so the work isn't all done, but it was >>> a good point to snapshot what I had. >> >> How does this compare/interact with Android's built-in key-store? >> >> I'm personally unconvinced that security subsystems running in the >> application's/user's own security context represent the future since >> they don't facilitate application-based access control unless each >> application does its own enrollment. > > > The way I see this is that security subsystems running in the app/user's > own security context is sub optimal for development cost purposes. And,
??? > running in the platform's security context is sub optimal for security > motives. I'm not sure I understand the rationale here. > > Where the sweet spot is tends to vary and isn't really a universally > answerable question. Anders > > iang > -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
