Can you suggest a good book for learning android? On Friday, June 12, 2009 2:11:27 AM UTC+5:30, Anders Rundgren wrote: > > Hi Henry, > Thanx for the iPhone info! > iPhone is apparently ahead of Android in this space. > > Regarding <keygen> the somewhat sad truth is that I'm currently > developing a 100% proprietary total-crap provisioning solution for a large > government agency since neither the P12 download or <keygen> supports > PIN-codes and associated policies. For foaf+ssl <keygen> is probably > sufficient. > > The USG (who else???) apparently bought into this $200+ solution > http://www.trustdigital.com/downloads/TD_EMM_CAC_Pack_101008.pdf > to get around the limitations of <keygen> and its cousins. > > Personally I still toil with schemes that emulate the $10000 and up systems > that are used for provisioning smart cards: > > "Air-tight" provisioning, the basics: > http://webpki.org/papers/keygen2/secure-key-store.pdf > "Air-tight" provisioning", core facility: > > http://webpki.org/papers/keygen2/session-key-establishment--security-element-2-server.pdf > > Protocol emulator (not yet fully compliant) but (at least) shows the user > experience: > http://keycenter.webpki.org > > Unlike <keygen> it works equally well for enhanced smart cards as for > mobile phones. > > Anders > > ----- Original Message ----- > From: "Henry Story" <[email protected] <javascript:>> > To: <[email protected] <javascript:>>; "Anders Rundgren" < > [email protected] <javascript:>> > Sent: Thursday, June 11, 2009 15:44 > Subject: Re: [android-security-discuss] Re: Android 1.5 > TLS-client-cert-auth > > On 10 Jun 2009, at 23:46, Anders Rundgren wrote: > > Thanx Tomas, > > I was actually thinking about Android Phone-based tools, not about > > dev tools. > > I am looking for these too. > > > My conclusion after working with quite a range of phones is that > > [currently] > > Windows Mobile is the only mobile OS having [almost] useful PKI > > support. > > The iPhone is good too. See: > "Global Identity on the iPhone" > http://blogs.sun.com/bblfish/entry/one_click_global_sign_on > "How to get a Certificate to your iPhone browser" > http://blogs.sun.com/bblfish/entry/howto_get_a_foaf_ssl > > > What is really needed is support for the <keygen> tag, now finally! > part of the html5 spec in the browser. > > http://dev.w3.org/html5/spec/Overview.html#the-keygen-element > > That then makes it very easy to create services that in one click can > get the user a certificate. As an example see the > > http://test.foafssl.org/cert/ > > Henry > > PS. Anders, could you see if foaf+ssl works on your windows device. > Once you have manager to upload a certificate? (the service I have > does not yet work with IE as it requires ActiveX and VB which is > something I have less experience with) > > > And > > ----- Original Message ----- > > From: "Toemmsn" <[email protected] <javascript:>> > > To: "Android Security Discussions" > > <[email protected]<javascript:> > > > > > Sent: Tuesday, June 09, 2009 19:55 > > Subject: [android-security-discuss] Re: Android 1.5 TLS-client-cert- > > auth > > > > > > > > Anders, > > > > I solved this with using keytool on my desktop PC (after installing > > the Bouncy Castle provider) via: > > > > keytool.exe -srckeystore c:\work\myPKCS12.pfx -importkeystore -v - > > srcstoretype PKCS12 -destkeystore c:\work\android.store -deststoretype > > BKS > > > > You will be asked the password for the target and the source. > > You can verify your success via > > > > keytool.exe -list -v -keystore c:\work\android.store -storepass <your > > password here> -storetype BKS > > > > > > Bye, > > Thomas > > > > On 21 Mai, 11:09, "Anders Rundgren" <[email protected]> wrote: > >> I couldn't find a way to import a PKCS #12 file to test TLS-client- > >> cert-auth. > >> Which tool does that? > >> > >> Anders > >
-- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/android-security-discuss. For more options, visit https://groups.google.com/groups/opt_out.
