I believe the problem is that this is a *platform* issue and decisions on how the Android platform is intended to be developed is out-of-scope for public discussions on mailng-lists. That is, if somebody would actually take on such a project and not having it early-on "blessed" by the Android core team, the most likely thing to happen is that it would be ignored.
Due to that progress in this space is pretty slow. OTOH, this is valid for most of the competing solutions as well. I'm personally trying to create a more useful platform for crypto but I will start with deploying it in enhanced USB-sticks running on PCs because updating phone OSs just to try and show some new feature seems like a very complicated (and impopular) task. http://webpki.org/papers/mobilephone-pki-options.pdf http://webpki.org/papers/keygen2/secure-key-store.pdf Note: this has nothing to do with Enterprise or Consumer security; properly done, you can take them both (at least when it cmes to crypto...) with a single solution! Anders ----- Original Message ----- From: "Jean-Baptiste Queru" <[email protected]> To: <[email protected]> Sent: Friday, October 30, 2009 13:20 Subject: [android-security-discuss] Re: Enterprise Security support There's no fundamental reason why such security features shouldn't be included, and not having them indeed limits the out-of-the-box usefulness of Android for corporate users. It all boils down to resources and priorities, and if you'd like to contribute code toward those features the best place to discuss your contributions is actually the android-platform list. JBQ On Fri, Oct 30, 2009 at 5:15 AM, Chevalier Dev <[email protected]> wrote: > > The general silence around the lack of Android security features is > deafening. The way it is currently going, it will end up with about a > zillion proprietary keystores, protocols and crypto-based applications > with no interoperability in sight. This is really unfortunate as an > open-source OS has many more arguments towards security than a closed > system. > > Maybe I just missed something and Android has always been targetted at > a general audience and not corporate users? > > On Wed, Oct 28, 2009 at 4:24 PM, Alex Danvy <[email protected]> wrote: >> I might have missed something but it looks like Android is not an >> enterprise level phone yet. Security is a major concern for the >> enterprise. >> You have a nice browser, powerfull apps but can't connect to your >> enterprise network to get data. >> This is one of my main complaint about Android : http://bit.ly/Rx2bU. > -- Jean-Baptiste M. "JBQ" Queru Software Engineer, Android Open-Source Project, Google. Questions sent directly to me that have no reason for being private will likely get ignored or forwarded to a public forum with no further warning.
