[guardian-dev] Improving the APK Signing Procedure
Hans-Christoph Steiner
hans at at.or.at
Fri Mar 28 13:59:05 EDT 2014
I've been developing an APK signing procedure to use the modern best
practices, from key generation to the use of Hardware Security Modules (HSM).
I've outlined a key generation procedure for making new signing keys, and I
would love feedback, flames, comments, etc.
Here's the whole thing in all its rough glory:
https://dev.guardianproject.info/projects/bazaar/wiki/Improving_the_APK_Signing_Procedure
And a blog post about doing this with an HSM is coming today!
.hc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 969 bytes
Desc: OpenPGP digital signature
URL: <http://lists.mayfirst.org/pipermail/guardian-dev/attachments/20140328/e1613af7/attachment-0001.pgp>
More information about the Guardian-dev
mailing list