Post AVZbKZUUBDo67fqDLc by jr@social.anoxinon.de
 (DIR) Post #AUXcT5iWIOM0hzovY0 by Foxboron@chaos.social
       2023-04-11T10:41:00Z
       
       0 likes, 2 repeats
       
       The Wireguard Android app is now Reproducible and distributed with Jason's own signing key. https://lists.zx2c4.com/pipermail/wireguard/2023-April/008045.html Pretty cool. #Wireguard #ReproducibleBuilds
       
 (DIR) Post #AVZbKYid39WfjFRzkm by mynacol@ipv6.social
       2023-04-11T11:28:32Z
       
       0 likes, 0 repeats
       
       @Foxboron Users of the #FDroid version have to reinstall the app. A guide is in the linked mail. Why is there no automatic key rollover (switching to the new key with signature from the previous one)? Is #Android lacking that?
       
 (DIR) Post #AVZbKZUUBDo67fqDLc by jr@social.anoxinon.de
       2023-04-11T11:45:47Z
       
       0 likes, 0 repeats
       
       @mynacol @Foxboron yes Android (AFAIK except really new versions) does not know the concept of key rollover...
       
 (DIR) Post #AVZbKaH3GeegYIZ02y by jr@social.anoxinon.de
       2023-04-11T11:52:19Z
       
       0 likes, 0 repeats
       
       @mynacol @Foxboron just looked it up again: support for key rotation was introduced with APK signing scheme v3, which in turn was introduced with Android 9, but at least F-Droid does not support the key rotation...
       
 (DIR) Post #AVZbKaqr7XIMLLJar2 by Bubu@chaos.social
       2023-04-11T11:59:37Z
       
       0 likes, 1 repeats
       
       @jr @mynacol @Foxboron Which means, you can only use that if your app's minSDK is >= Android 9. (At least that's what I remember from when this feature was originally introduced) Wireguard's minSDK is Android 5.0. F-Droid might start to look into this though, it's only a few years off until this can be realistically used in the wild.
       
 (DIR) Post #AVZbSPggVoL02FHops by jr@social.anoxinon.de
       2023-04-11T12:01:46Z
       
       0 likes, 0 repeats
       
       @Bubu @mynacol @Foxboron looks like Google recommends signing the APK with a second non-rotated certificate if your minSDK is lower...
       
 (DIR) Post #AVZbSQGUMgyfpI2Pdw by Bubu@chaos.social
       2023-04-11T12:07:41Z
       
       0 likes, 0 repeats
       
       @jr @mynacol @Foxboron Do you have a link or direct quote? Also interesting that they chose to offer apks with the old signer via gplay but not via fdroid (which can do this as well) 🤔.
       
 (DIR) Post #AVZbSQqIDZcLcKn0S0 by jr@social.anoxinon.de
       2023-04-11T16:22:35Z
       
       0 likes, 0 repeats
       
       @Bubu @mynacol @Foxboron Not sure where I found it, will try to find it again when I'm back from work...
       
 (DIR) Post #AVZbSRSDwXxVVyXIZc by eighthave@social.librem.one
       2023-05-12T08:32:29Z
       
       0 likes, 0 repeats
       
       @jr @Bubu @mynacol @Foxboron I would love to see documentation of real-world cases of that APK signing key rotation in action. Know of any? Seems like a thing we should include in the #FDroid docs too.