在Android Market的两个帐户中使用一个发布密钥 [英] Using one publishing key on two accounts in Android Market
问题描述
在不同的Android电子市场帐户下使用相同的签名密钥发布应用程序有什么缺点吗? (每个帐户下有不同的应用程序。)同样,在同一个帐户中为不同的应用程序使用不同的签名密钥是否存在问题?我不会假设在这两种情况下,但我找不到任何关于此问题的明确信息。所以我认为谨慎地询问是否有人知道。
完全取决于您的需求,让我们看看不同的需求,
为什么在不同的应用程序中使用相同的密钥? 如果您想使用应用程序模块化功能(由官方文档推荐的 ): b Android允许使用相同证书签署的应用程序运行同样的过程,如果应用程序请求,以便系统将它们视为单个应用程序。通过这种方式,您可以在模块中部署您的应用程序,并且用户可以独立更新每个模块。 通过权限在您的应用程序之间安全地共享代码/数据(也是正式文档推荐的): Android提供基于签名的权限执行,以便应用程序可以向另一个使用指定证书签名的应用程序公开功能。通过使用相同证书签署多个应用并使用基于签名的权限检查,您的应用可以以安全的方式共享代码和数据。 如果您想避免为不同应用管理不同密钥的麻烦。 对不同的应用程序使用不同的键? 如果你对安全性有些偏执(你应该)将所有鸡蛋放在一个篮子里,这在这篇文章。 如果应用程序完全不同&将永远不会使用上述的应用程序模块化或代码/数据共享。
$ b
Are there any downsides to using the same signing key for publishing apps under different Android Market accounts? (Different apps under each account.) Likewise, are there any problems in using different signing keys for different apps in the same account? I would assume not in both cases, but I couldn't find anything definitive posted about this. So I thought it prudent to ask if anyone knows for sure.
It depends totally on your needs, so let's see different needs,
Why using same key for different apps?
If you want to use App modularity features (as recommended by the official documentation):
Android allows apps signed by the same certificate to run in the same process, if the applications so requests, so that the system treats them as a single application. In this way you can deploy your app in modules, and users can update each of the modules independently.
If you want to share Code/Data securely between your apps through permissions (also as recommended by the official documentation):
Android provides signature-based permissions enforcement, so that an app can expose functionality to another app that is signed with a specified certificate. By signing multiple apps with the same certificate and using signature-based permissions checks, your apps can share code and data in a secure manner.
If you want to avoid the hassle of managing different keys for different apps.
Why using different keys for different apps?
If you are somehow paranoid about security (and you should), not to put all the eggs in one basket, which is highly recommended in this article.
If the apps are completely different & won't ever use the app-modularity or Code/Data sharing described above.
If there is even a small chance that you will sell one of the apps separately in the future, then that app must have its own key from the beginning.
I wrote an article about it.
这篇关于在Android Market的两个帐户中使用一个发布密钥的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!