[cryptography] How are expired code-signing certs revoked?

lodewijk andré de la porte lodewijkadlp at gmail.com
Wed Dec 7 21:34:45 EST 2011


To which I retorted that it we want to install from other sources, and then
it'll lose it's value. Cydia is commonly used and (I just checked) is a
package manager with repository's like any other package manager, no
sandboxing. I'd say that by locking up the appstore Apple gave away any
control it could have over third party software.

But yeah, your right. Code signing does have good use for the appstore.

Op 8 december 2011 03:26 schreef Marsh Ray <marsh at extendedsubset.com> het
volgende:

> On 12/07/2011 08:12 PM, lodewijk andré de la porte wrote:
>
>> I'm afraid "far more effective" just doesn't cut it. Android has
>> "install .APK from third party sources" which you'll engage whenever you
>> install an APK without using the market, trusted or not.
>>
>
> That's why I didn't use Android as an example.
>
> I said "Apple's iPhone app store code signing is far more effective".
>
> - Marsh
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20111208/663b32ac/attachment.html>


More information about the cryptography mailing list