[guardian-dev] Hello, and question about Android and gapps

Nathan of Guardian nathan at guardianproject.info
Mon Apr 2 11:41:07 EDT 2012


On 03/28/2012 11:36 AM, Hans-Christoph Steiner wrote:
> 
> Anyone know the details of F-droid's app signature validation?  Ideally
> it would be like Debian, with a trusted keyring for checking the
> signatures on all apps.  And if an .apk is not signed by a key in the
> trusted keyring, it should give an error.

F-Droid has two models of deployment:

1) Serving up a repo of pre-built APKs built, and optionally signed, by
hand or another process somewhere.

2) Serving as a continuous integration service that monitors source
repos, and automatically builds and signs APKs itself.

In the first model, the APK signing is up to the original developer who
created it to manage. This is what we are currently doing with our own repo.

In the second model, all apps that are built are signed by the F-Droid
repo process, with an internal keystore that is generated.

Both approaches should then sufficiently handle the problem of stopping
an unauthorized app from replacing an existing installed version.

+n


More information about the Guardian-dev mailing list