The Android APIs largely follow those of the Java Cryptography Extension (JCE). You can see an example of some lower level SSL connection and cipher negotiation linked below:
http://java.sun.com/developer/technicalArticles/Security/AES/AES_v1.html On Thu, Jun 24, 2010 at 5:19 PM, Amir Alagic <[email protected]> wrote: > Hi, > > I have few questions about HTTPS security and I really hope that > someone can give me answers. I have heard that when we use HTTPS > (HttpsURLConnection) in our Android applications that it is possible > that our app can send data that is not protected or protected with > very low encryption with SSL2 protocol without end user to be aware > of. > > Is this true? Is there even support for SSL2 in Android ? Or is HTTPS > on Android safe enough as it is?
