[liberationtech] Recommended Software for Encrypted Blackberry Voice Calls
Chris Palmer
chris at eff.org
Thu Jan 27 10:40:03 PST 2011
On Jan 27, 2011, at 3:39 AM, Pranesh Prakash wrote:
> Any pointers on where I could read more about this? I know of the web-of-trust kind of model proposed for a CA-less signing model, but that too operates on giving higher levels of trust based on who signed, right? How is the Android model different? How would it work for websites?
Android does not use web of trust. Instead, developers sign their applications with self-signed certificates. The Android system creates a new Linux UID for each application. If two applications are signed by the same signing key, they can request to use the same UID; otherwise, they cannot.
http://developer.android.com/guide/topics/security/security.html
This model doesn't apply directly to web sites, although it might be nice if the browser's same-origin policy used this cryptographic means to identify origins rather than (or in addition to) the scheme + hostname + port mechanism it uses now. In Android, it should not matter very much *who* wrote some code; it matters more what powers the code has. On the web, server identity matters more, and an anonymous-but-power-limited system would not be good enough.
My own preference for web server authentication is along the lines of SSH "persistence of pseudonym" combined with a Perspectives-like mechanism to manage identity transitions and establish a rough identity consensus. I think that would be much safer and cheaper and easier to use than the CA model we have now.
--
Chris Palmer
Technology Director, Electronic Frontier Foundation
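
An added example, not part of the original message and not code from SSH or Perspectives: a sketch of SSH-style key pinning ("persistence of pseudonym") combined with a Perspectives-like notary quorum that decides first contact and key transitions. The notary model (a dict of host to fingerprint per notary), the quorum of 2, and every name and key below are assumptions constructed for illustration.

```python
import hashlib
from enum import Enum

class Verdict(Enum):
    FIRST_USE = "pinned on first use"
    MATCH = "matches pinned key"
    TRANSITION = "key changed; notary quorum agrees, pin updated"
    REJECT = "no notary consensus for this key"

def fingerprint(public_key: bytes) -> str:
    return hashlib.sha256(public_key).hexdigest()

class PinStore:
    """Known-hosts style pin store that consults notaries for unknown keys."""

    def __init__(self, notaries, quorum):
        # Assumption: each notary is modelled as a dict of host -> fingerprint
        # it currently observes; a real notary would be queried over the network.
        self.notaries, self.quorum, self.pins = notaries, quorum, {}

    def check(self, host: str, public_key: bytes) -> Verdict:
        fp = fingerprint(public_key)
        pinned = self.pins.get(host)
        if pinned == fp:
            return Verdict.MATCH  # persistence of pseudonym: same key as before
        votes = sum(1 for view in self.notaries if view.get(host) == fp)
        if votes < self.quorum:
            return Verdict.REJECT  # keep the old pin; do not trust the new key
        self.pins[host] = fp
        return Verdict.FIRST_USE if pinned is None else Verdict.TRANSITION

def demo():
    # Constructed sample keys and notary views, not real data.
    host = "example.org:443"
    old, new, rogue = b"constructed-old-key", b"constructed-new-key", b"constructed-rogue-key"
    notaries = [{host: fingerprint(old)} for _ in range(3)]
    store = PinStore(notaries, quorum=2)
    results = [store.check(host, old), store.check(host, old), store.check(host, rogue)]
    # The server rotates its key; two of three notaries have observed the new one.
    notaries[0][host] = notaries[1][host] = fingerprint(new)
    results += [store.check(host, new), store.check(host, old)]
    return results

if __name__ == "__main__":
    for verdict in demo():
        print(verdict.value)
```

A key seen by only one vantage point is rejected and the existing pin is kept, so a rotation is accepted only once a quorum of notaries has observed the new key.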