[cryptography] How are expired code-signing certs revoked?

Nico Williams nico at cryptonector.com
Fri Dec 9 18:28:52 EST 2011

I really would like the Android model to be elaborated on a fair bit.

Users should be able to deny apps privileges that they request.

Users should be able to label data with simple labels for additional
isolation (think of it as multiple instances of apps).

How does this relate to crypto?  Right, not at all, except through the
use of digital signatures strictly for continuity and pseudonymous
identification (public key == ID).


More information about the cryptography mailing list