Trusted CAs aren't used for checking apps signatures. Apps are self signed. Trusted CAs are used for verifying the identity of SSL servers including for https:// web browsing.
-bri On Wed, Dec 14, 2011 at 7:51 AM, captfrank <maced...@gmail.com> wrote: > Question how would I take out all trusted CA's and only allow mine? > i.e. I would want to only allow apps installed by users that we/I have > signed or at least from our CA. Have to root it I trust? > > On Nov 30, 12:53 pm, Brian Carlstrom <b...@google.com> wrote: >> The TURKTRUST CA certificate with SHA1 Fingerprint >> B4:35:D4:E1:11:9D:1C:66:90:A7:49:EB:B3:94:BD:63:7B:A7:82:B7 and Subject >> "CN=T\xC3\x9CRKTRUST Elektronik Sertifika Hizmet >> Sa\xC4\x9Flay\xC4\xB1c\xC4\xB1s\xC4\xB1, C=TR, L=Ankara, O=T\xC3\x9CRKTRUST >> Bilgi \xC4\xB0leti\xC5\x9Fim ve Bili\xC5\x9Fim G\xC3\xBCvenli\xC4\x9Fi >> Hizmetleri A.\xC5\x9E. (c) Kas\xC4\xB1m 2005" has been included since >> Android 2.3 (Gingerbread) >> >> If it had not been included, the preferred way to request inclusion is >> viahttp://code.google.com/p/android/issues/list >> >> -bri >> >> On Wed, Nov 30, 2011 at 12:11 AM, Mert Özarar (TÜRKTRUST) < >> >> mert.oza...@gmail.com> wrote: >> > Dear All, >> >> > I would like to request adding two root certificates on behalf of >> > TURKTRUST Inc. (www.turktrust.com.tr/en), which is the most popular CA >> > in Turkey . >> >> > We would like to start with root certificate: >> >> >http://www.turktrust.com.tr/sertifikalar/7_TURKTRUST_Elektronik_Serti... >> >> > This root certificate is already embedded within, but not limited to: >> > - Microsoft Root Store >> > - Mozilla NSS >> > - Apple Safari >> > - Opera >> >> > Please find below further information, which will be useful to verify >> > our request at URL: >> >https://bugzilla.mozilla.org/show_bug.cgi?id=380635 >> >> > I'm not quiet sure what the procedure is to get our root included >> > within Android OS, so it would be much appreciated if you can give me >> > more info on this. >> >> > Thanks for your kind support, >> >> > Best regards, >> > Mert >> >> > -- >> > You received this message because you are subscribed to the Google Groups >> > "Android Security Discussions" group. >> > To post to this group, send email to >> > android-security-discuss@googlegroups.com. >> > To unsubscribe from this group, send email to >> > android-security-discuss+unsubscr...@googlegroups.com. >> > For more options, visit this group at >> >http://groups.google.com/group/android-security-discuss?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "Android Security Discussions" group. > To post to this group, send email to > android-security-discuss@googlegroups.com. > To unsubscribe from this group, send email to > android-security-discuss+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/android-security-discuss?hl=en. > -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to android-security-discuss@googlegroups.com. To unsubscribe from this group, send email to android-security-discuss+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
