On 2013-06-29 03:38, Jeffrey Walton wrote: > Hi All, Although I haven't read all the docs, I wonder what the point is with a FIPS-compliant crypto library running at application-level when there already is another system (KeyChain) running at OS-level since the latter at least with respect to key protection should be better.
The OS is managing critical resources like files and I/O-devices. IMO, keys belong to the OS realm although the trust model is different since keys are not necessarily owned by the device owner, but rather reflect relations between the device-owner/user and providers where the latter usually unilaterally define key usage policies. Anders > > The OpenSSL Foundation has published detailed instructions on building > the OpenSSL FIPS Object Module and FIPS Capable Library for Android. > The Object Module provides the validated cryptography, and the Capable > Library consumes the validated cryptography. > > Many thanks to Steve Marquess and Tim Hudson for their work on the document. > > http://wiki.opensslfoundation.com/index.php/FIPS_Library_and_Android > > Jeff > -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To unsubscribe from this group and stop receiving emails from it, send an email to android-security-discuss+unsubscr...@googlegroups.com. To post to this group, send email to android-security-discuss@googlegroups.com. Visit this group at http://groups.google.com/group/android-security-discuss. For more options, visit https://groups.google.com/groups/opt_out.
