11/4/2023 0 Comments Deep Work for android instalLet's dig into the details: How did Android CA certificate management work until now? There's a balance here to manage, and I'm not sure Android has made the right choice. That said, there are many legitimate use cases where you want to be able to choose which CAs you trust, and that just got much harder. Protecting users from themselves is absolutely necessary here, and it's a hard problem. To be clear, carefully managing the trusted CAs on Android devices is important! Adding a CA should not be easy to do by accident or unknowingly. The only way to install any CA certificate now is by using a button hidden deep in the settings, on a page that apps cannot link to. ![]() Nonetheless, it's also something that power users might want to configure, for Android testing, for app debugging, for reverse engineering or as part of some enterprise network configurations.Īndroid has tightly restricted this power for a while, but in Android 11 ( released this week) it locks down further, making it impossible for any app, debugging tool or user action to prompt to install a CA certificate, even to the untrusted-by-default user-managed certificate store. That's a lot of power, and the list of trusted authorities is dangerous to mess around with. ![]() ![]() Your trusted Certificate Authorities (CAs) are the organizations that you trust to guarantee the signatures of your encrypted traffic and content.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |