Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Is there enough incentive for Microsoft to add a root store to Edge by next September? How hard is it to make that addition?


I may be wrong, but the effort to switch to your own root store is more doing it securely, than the difficulty of switching from system frameworks to your own SSL/HTTP transport layers. So to put another way, straight forward to do mediocre job, not as trivial to do a good or great job.


Root store and TLS/HTTP library are separate concerns. You can use the system root store with your own libraries, or you can use your own root store with the system libraries.

On an Android 4.4 device, you should probably skip the system root store and the system libraries, and if you're already doing it for those phones, you might as well do it for all the phones.


> Root store and TLS/HTTP library are separate concerns.

In the context of this thread (aka older Android devices), they aren’t truly separate concerns. You really need to do both. My point is that doing both is relatively straightforward, but doing the root store part is fairly easy to do it in a mediocre way and be brittle / insecure.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: