My success story for pictures, calendar, contacts and email sync
Paul Kocialkowski
paulk at paulk.fr
Mon Oct 14 14:46:46 UTC 2013
Le lundi 14 octobre 2013 à 17:32 +0300, Paul Sokolovsky a écrit :
> So, it's likely not that "author thinks it's bad", but he probably
> doesn't know about the issue at all.
He does, it's explicitly told on his website. It's a choice he made and
I know many other apps that detect and ask whether to use a self-signed
certificate.
> Shouldn't *Replicant* allow to import *any* certificate regardless if
> some vendor Android or AOSP put additional restrictions on certificate?
That's not it. The system holds a list of certification authorities (and
their certificates) that apps use to approve a certificate or not, but
it does not hold per-website SSL certificates, it's simply not its
function (it's not because of a restriction from Google).
On GNU/Linux as well, applications have to accept and store self-signed
SSL certificates individually, there is no auth mechanism to do it
system-wide, but it is the case with certification authorities
certificates.
Correct me if I'm wrong, but at least that's how I understood things
from my perspective.
More information about the Replicant
mailing list