[guardian-dev] Seeking Feedback on SSL Material

Mark Murphy mmurphy at commonsware.com
Wed Jan 9 09:51:21 EST 2013


I apologize if this is an incorrect use of this list.

Last fall, on this list, there were threads discussing Android
developers' use of encryption, and a call for some standard advice
(perhaps with code) to assist Android developers in "doing the right
thing". I offered to contribute some coding effort if somebody wanted
to write up the recommendations, but if somebody *did* write up an
Android developer's guide to SSL, I missed it.

So, I have taken my stab at the subject.

Since I am *so* not an SSL expert, it is mostly a summary with
pointers at OnionKit and other resources that were collected on those
threads and through additional research. I added enough narrative
around them so that they at least kinda sorta hang together. My plan
is to extend this material, later this year, with sample code and
such.

I am keenly interested in feedback on what I have today, though. A
copy of the material is attached. Right now, the SSL material is a
section in the Internet chapter of my book, _The Busy Coder's Guide to
Android Development_ -- the attachment is a set of pages clipped out
of my current draft. However, I will commit to making this material
freely available separately, probably as a series of blog posts in the
short term, and as a standalone Creative Commons PDF eventually.

I am especially interested in feedback on whether I screwed up any of
the explanations or am missing major topics -- again, while I'll claim
to be an Android expert, I am definitely not an SSL expert (nor do I
play one on TV).

Thanks in advance for any suggestions, and once again, I apologize if
this is not an appropriate use for this list.

--
Mark Murphy (a Commons Guy)
http://commonsware.com | http://github.com/commonsguy
http://commonsware.com/blog | http://twitter.com/commonsguy
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ssl.pdf
Type: application/pdf
Size: 175163 bytes
Desc: not available
URL: <http://lists.mayfirst.org/pipermail/guardian-dev/attachments/20130109/ea063820/attachment-0001.pdf>


More information about the Guardian-dev mailing list