flex-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kessler CTR Mark J <mark.kessler....@usmc.mil>
Subject RE: security certificates
Date Wed, 25 Mar 2015 10:08:08 GMT
Well the problem with self-signed is other people cannot easily validate the signature.  You
are your own certificate authority(CA) in a simplistic sense.  Were as purchasing one from
a company that that hosts public CA's can more easily be verified by their root certificates.

Here for the Flex signatures, they sign them locally and host out the key to  verify it on
the apache servers.


-----Original Message-----
From: Subs [mailto:subscriptions@leeburrows.com] 
Sent: Tuesday, March 24, 2015 12:30 PM
To: Apache Flex User Mailing List; Apache Flex Dev Mailing List
Subject: security certificates

Hi All,

Wondering what kind of security certificates people are using for 
desktop and android?

Are people creating self-signed certificates (eg: in FB) or purchasing 
'official' ones?

Google app store allows self-signed apps to be published; can i assume 
from that, that self-signed is 'secure' enough?


Lee Burrows

View raw message