Make passphrase optional defeats the purpose of security. I don't even get why those services need a certificate if they skip the bare minimum.

If we are planning to make this happen, ok. But with huge blinking warnings.

abstractj
PGP: 0x84DC9914


On Sun, Aug 10, 2014 at 5:01 AM, Matthias Wessendorf <matzew@apache.org> wrote:

I have seen that too, that some services allow no passphrase set. Some even require no passphrase. (i think it was FB/Parse and/or Push.io)


If we make passphrase optional, we could help their users tool. At the end, it's users choice to do so, or not.

Will create a JIRA for 1.0.0.Final to cover this...

-Matthias

---------- Forwarded message ----------
From: Pauli Jokela <notifications@github.com>
Date: Saturday, August 9, 2014
Subject: [liveoak] Unable to use with iOS push notifications (#270)
To: liveoak-io/liveoak <liveoak@noreply.github.com>


As the current AeroGear implementation does not allow for empty passphrases when adding a push certificate, I'm unable to use the push notification feature at all.

A lot of services out there require that a push certificate does NOT have a passphrase set, so it's not an uncommon request.


Reply to this email directly or view it on GitHub.




--
Sent from Gmail Mobile