My success story for pictures, calendar, contacts and email sync

Paul Kocialkowski paulk at paulk.fr
Mon Oct 14 14:46:46 UTC 2013


Le lundi 14 octobre 2013 à 17:32 +0300, Paul Sokolovsky a écrit :
> So, it's likely not that "author thinks it's bad", but he probably
> doesn't know about the issue at all.

He does, it's explicitly told on his website. It's a choice he made and
I know many other apps that detect and ask whether to use a self-signed
certificate.

> Shouldn't *Replicant* allow to import *any* certificate regardless if
> some vendor Android or AOSP put additional restrictions on certificate?

That's not it. The system holds a list of certification authorities (and
their certificates) that apps use to approve a certificate or not, but
it does not hold per-website SSL certificates, it's simply not its
function (it's not because of a restriction from Google).

On GNU/Linux as well, applications have to accept and store self-signed
SSL certificates individually, there is no auth mechanism to do it
system-wide, but it is the case with certification authorities
certificates.

Correct me if I'm wrong, but at least that's how I understood things
from my perspective.




More information about the Replicant mailing list