Re: Re: ENISA Smartphone security study

Hi Arthur,

thanks for encouraging me to reply !

Hi Giles, the focus of our projects are not in the very center of your questionaire, but anyway :

Our sirius signing server once started for creation and verification of qualified signatures and we run a free online verification service ( ) for several years now. Driven by our work at he OASIS DSS-X workgroup we expanded the focus of our implementation to code signing. Currently we support J2ME, J2SE and Widget signatures.

I'm sure the authenticity of a software package will be recognized more and more as a real asset. So we like to provide a solution without any vendor lock-in by supporting handy code signing for developers with an open sourced signing server and signing services. And at the other end of the chain by providing centralized verification services.

Hope that's interesting for you !


Andreas Kuehne

----- original Nachricht --------

Betreff: Re: ENISA Smartphone security study
Gesendet: Do, 20. Mai 2010
Von: Arthur Barstow<>

> Giles,
> On 5/20/10 5:43 AM, ext Giles Hogben wrote:
> > Apologies - I should have explained a little more what we are looking for
> from the WG and you are right that some of the questions are out of scope -
> not answering all the questions is fine. In response to your mail:
> >
> > 1. I thought that some important aspects of Question 1 (the most extensive
> question) are relevant to the Webapps WG.
> >    
> I agree some of those questions are interesting but most are not 
> necessarily in scope for WebApps. I also think the WG's higher priority 
> is to complete the deliverables in the group's charter.
> That said, if members of the WG or the WebApps community at large 
> (currently about 450 subscribers) have input, they should of course 
> participate in the questionnaire.
> -Art Barstow

--- original Nachricht Ende ----

Received on Friday, 21 May 2010 13:50:44 UTC