Re: [aerogear-dev] Security for "Device Registration"

On Tue, May 21, 2013 at 06:05:00PM +0200, Matthias Wessendorf wrote: > I think I mean more the Unified Push server has the "private key", while > the device uses the public key, > to perform the "auth" against the server-side variant (e.g. PhoneABC > registers itself with the Android variant) Unless you have two key pairs, this adds zero security to the mix. amirite, abstractj?