The CA root certificates have very long expiration dates, so this is much less of a problem than you may assume.
It's still an issue -- CA certs could possibly be revoked in the event of a vulnerability or theft. But those are relatively remote possibilities, beyond what most phone apps would need to consider. On Aug 21, 9:16 am, DanH <danhi...@ieee.org> wrote: > The current cert may only be good for another 6-12 months. And if the > site isn't directly under the control of the app developer, the cert > may change at any time, and may even be changed to use a different > root. > > There's probably no good solution to this problem, but the best I can > think of is to embed another app in your app that simply installs the > necessary cert(s), then have a way for that app to be updated as > needed. > > On Aug 21, 7:09šam, Kostya Vasilyev <kmans...@gmail.com> wrote: > > > > > Right, it does. If the site in question is part of the phone application's > > infrastructure, I personally would find it acceptable. > > > -- > > Kostya Vasilyev --http://kmansoft.wordpress.com > > > 21.08.2010 16:06 ÐÏÌØÚÏ×ÁÔÅÌØ "DanH" <danhi...@ieee.org> ÎÁÐÉÓÁÌ: > > > That assumes that the web site's cert won't change for the life of the > > app. > > > On Aug 21, 3:18 am, Kostya Vasilyev <kmans...@gmail.com> wrote: > > > > š Ajay, > > > > A more cryptographically correct solution would be to install the > > > missing Óertfiicate pieces wit... > > > > On Fri, Aug 20, 2010 at 8:46 PM, Kostya Vasilyev <kmans...@gmail.com > > > > <mailto:kmans...@gmail.... > > > > š š You being able to open the site in desktop browser and on a > > > > š š Blackberry seems to impl... > > >http://groups.google.com/group/android-developers/browse_thread/threa... > > > > > š š This is a hack to accept all certificates. > > > > > š š -- Kostya > > > > > š š 20.08.2010 16:07,... > > > > š š š š using the following site:http://www.digicert.com/helpandittold > > > > š š š š that it was installed properly on the server. > > > > > š š š š On Aug 20, 4:39 pm, Kostya V... > > > > š š š š <mailto:kmans...@gmail.com>> šwrote: > > > > > š š š š š š š Ajay, > > > > > š š š š š š This can happen because the certificate is not signed by... > > > > š š <mailto:android-developers@googlegroups.com> > > > > š š To unsubscribe from this group, send email to > > > > š š android-developers+unsubscr...@googleg... > > > > š š > > > > <mailto:android-developers%2bunsubscr...@googlegroups.com<android-developer > > > > s%252bunsubscr...@googlegroups.com> > > > > > š š For more options, visit this group at > > > > š šhttp://groups.google.com/group/android-develope... -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en