On Thu, May 12, 2011 at 9:39 PM, Nikolay Elenkov <[email protected]>wrote:
> It turns out the 'Signature' you get from the PackageManager it's actually > the > public key used to signed the app, that's whey it works. It was either > poorly named > or the meaning changed somewhere along the line. It's still an effective > check > to see if someone re-packaged your app and signed it with their own key > (assuming they didn't yank the actual check routine from the app). > Yes it is the public cert. You can blame me for the poor naming. I have always thought of it as the signature of the author of the app, but really it is implemented through the certificate signing mechanism. -- Dianne Hackborn Android framework engineer [email protected] Note: please don't send private questions to me, as I don't have time to provide private support, and so won't reply to such e-mails. All such questions should be posted on public forums, where I and others can see and answer them. -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
