Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Recommended Software for Encrypted Blackberry Voice Calls

Chris Palmer chris at eff.org
Thu Jan 27 10:40:03 PST 2011


On Jan 27, 2011, at 3:39 AM, Pranesh Prakash wrote:

> Any pointers on where could I read more about this?  I know of the web-of-trust kind of model proposed for a CA-less signing model, but that too operates on giving higher levels of trust based on who signed, right?  How is the Android model different?  How would it work for websites?

Android does not use web of trust. Instead, developers sign their applications with self-signed certificates. The Android system creates a new Linux UID for each application. If two applications are signed by the same signing key, they can request to use the same UID; otherwise, they cannot.

http://developer.android.com/guide/topics/security/security.html

This model doesn't apply directly to web sites, although it might be nice if the browser's same-origin policy used this cryptographic means to identify origins rather than (or in addition to) the scheme + hostname + port mechanism it uses now. In Android, it should not matter very much much *who* wrote some code; it matters more what powers the code has. On the web, server identity matters more, and an anonymous-but-power-limited system would not be good enough.

My own preference for web server authentication is along the lines of SSH "persistence of pseudonym" combined with a Perspectives-like mechanism to manage identity transitions and establish a rough identity consensus. I think that would be much safer and cheaper and easier to use than the CA model we have now.


-- 
Chris Palmer
Technology Director, Electronic Frontier Foundation




More information about the liberationtech mailing list