Not sure why we are debating self signed vs signed by CA. PKI is modelled after real world procecees (Try printing your own ID card against a govt issued one). There is a reason why well used apps (like browser) warns users about certificates that it cannot trust. Sure it does not eliminate problems like malware etc, but makes the problem more manageable. Perhaps a app validating mechanism coupled by a community driven reputation score would help,.
PKI has both strengths and weaknesses, the weakness being that end users sometime do not understand how the mechanism works and end up blindly accepting SSL connections. On Thu, Jan 19, 2012 at 4:40 AM, Kevin Chadwick <ma1l1i...@yahoo.co.uk>wrote: > On Wed, 18 Jan 2012 17:05:30 -0800 (PST) > Oleg Gryb wrote: > > > There are 180M websites in the world. Do you suggest to put 180M self- > > signed certificate to a browser? Good luck with that and with > > implementing CRL logic around it. > > There are 500,000 android apps, the number of publishers is probably > > smaller, but still I would not want to deal with each and every self- > > signed certificate trying to understand if: > > > > 1. I want to trust it > > 2. If it's associated with a malware > > 3. If its private key has been compromised > > > > Thanks, but no, I don't want to be in this business. > > I was merely explaining that your statements about self-signed were > wrong and you seem to have misread what I said though I had been awake > for > 36 hours when I wrote it, which was apps are different but now > it's been brought up how many websites do you actually care about an > assured secure connection for. On Linux app source is signed by authors > via gpg which is more secure but less likely than using a signed repo. > > There is a major argument that EV reduces security because people see a > green light (aside from spoofing especially with modern browsers since > that paper), rather than checking manually and considering if they > TRUST, perhaps googling it. > > Similar is true for Markets, more so Apples than Androids because > they advertise that they audit it, though they can't of course. > > I'd like to see a phone still working after 500,000 apps are > installed, they won't fit and your phone will probably have a > saturated connection sending spam. There is no way around the fact that > a user has to research an app with the only guarantee being checking the > source code. There is a business there, but is it viable?? What are you > trying to do? > > -- > You received this message because you are subscribed to the Google Groups > "Android Security Discussions" group. > To post to this group, send email to > android-security-discuss@googlegroups.com. > To unsubscribe from this group, send email to > android-security-discuss+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/android-security-discuss?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to android-security-discuss@googlegroups.com. To unsubscribe from this group, send email to android-security-discuss+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
