Re: [aerogear-dev] Security for "Device Registration"
On Sat, May 18, 2013 at 12:48:31AM +0200, Matthias Wessendorf wrote:
Hi,
once the app is installed on the phone (or launched in a browser),
we (as discussed in the spec/mailing list) need to upload the "device
token" (or channelID) from the actual device/channel to the Unified Push
Server.
My questions:
Is it safe, if every "Mobile Variant" has a Private/Public Key ???
The UP server keeps the private one.
Once we register a new mobile variant (e.g. HR for Android, HR for iPad, HR
for iPhone, ...) EACH variant has ONE Private/Public key
When you say
private/public key pair, you mean two pairs right? one for
the device, other for the server variant?
Let's clarify this then we can move the discussion further.
--
qmx