[prev in list] [next in list] [prev in thread] [next in thread]
List: websecurity
Subject: Re: [WEB SECURITY] Digital Certificates for Web-based Mobile Apps
From: Nick Owen <nowen () wikidsystems ! com>
Date: 2008-12-03 22:17:24
Message-ID: 49370574.1090808 () wikidsystems ! com
[Download RAW message or body]
If you intend to limit your deployment to a specific device, you might
be able to use their built-in crypto. But even so, I recommend choosing
a package that is not controlled by the device manufacturers or
carriers. Bouncy Castle has good java packages. Ntru is extremely fast
and has both java/j2me and C packages (it is a commercial package).
We do key gen on the device so we went with Ntru. years ago we tested BC
on a java phone and it looked like it would take about 14 hours to do
key gen. Looked like b/c we couldn't get it to finish. Things may have
changed, so test away. The ntru key gen is instantaneous.
nick
Arun Sundaresh wrote:
> Hi All,
>
> Its really nice to see that there are quite a few folks working on the
> mobile app security too and not just the general web app security.
>
> Here's another question that I had related to mobile apps. If somebody
> could answer this question for me, that would be of great help!
>
> How does the digital certificate work for web-based mobile apps?
>
> Thanks,
> Arun Sundaresh. R
--
Nick Owen
WiKID Systems, Inc.
404-962-8983 (desk)
http://www.wikidsystems.com
Commercial/Open-source Two-Factor Authentication
----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec
Have a question? Search The Web Security Mailing List Archives:
http://www.webappsec.org/lists/websecurity/archive/
Subscribe via RSS:
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
Join WASC on LinkedIn
http://www.linkedin.com/e/gis/83336/4B20E4374DBA
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic