Re: [aerogear-dev] Security for "Device Registration"
On Tue, May 21, 2013 at 06:05:00PM +0200, Matthias Wessendorf wrote:
I think I mean more the Unified Push server has the "private
key", while
the device uses the public key,
to perform the "auth" against the server-side variant (e.g. PhoneABC
registers itself with the Android variant)
Unless you have two key pairs, this adds
zero security to the mix.
amirite, abstractj?
--
qmx