22 comments

[ 5.7 ms ] story [ 60.8 ms ] thread
How does this compare to WhisperSystem's Flock? https://github.com/WhisperSystems/Flock
From a first glance, Flock seems to do end-to-end encryption over CardDAV/CalDAV. DAVdroid is, as the name implies, just a sync client for CardDAV/CalDAV servers -- no end-to-end encryption.

If you value privacy that much, Flock seems interesting, while the lack of end-to-end encryption in DAVdroid has other advantages (e.g. ability to use server's web UI, compatibility with other clients)

What do you mean, "end-to-end encryption"? How should contacts/events be transferred encrypted from/to a CalDAV/CardDAV server? Those servers expected icals and vcfs, not encrypted data.
I don't know myself, this is just what i gathered from the README. It might be possible that they're still producing valid iCalendar and VCARD files, but with a lot of ciphertext in them.
That might be, but then CalDAV/CardDAV would be reduced to WebDAV, so it would only be a WebDAV-Sync (because the server couldn't reply to CalDAV requests like "show me events between xx and yy"). As far as I have seen, Flock only "encrypts" the connection, say, is using SSL. But please correct me if I'm wrong!
It specifically states that it does end-to-end-encryption (which is not SSL). I know the authors, and IMO they're not the kinda guys who throw around with buzzwords.
i just can't imagine how this should work (to avoid saying that it can't work), so some specs or more information would be useful.
Ooh, exciting.

Although my needs always seem to be shifting, because I'm back behind a NAT (and carrier-grade NAT as well) now so my new trial is finding a way to punch-through that and put all my devices on a common VPN before I get round to setting up CardDav/CalDAV servers for myself again.

I've been using DAVDroid since January to sync with my OwnCloud CalDAV/CardDAV server, and it's been working flawlessly for me. Every update in either direction has synced without a hiccup.

Most of the issues I've experienced have been relatively minor, and have been the result of issues with the Android platform itself, and not DAVDroid: there's no to-do/task list integrated with the default Android calendar app, so tasks stored in CalDAV don't show up without a separate app, and most of third-party to-do list apps for Android seem to either have significant flaws in their own right, or use their own proprietary sync protocols rather than CalDAV. Additional, Android's contact list doesn't have exactly the same layout of fields as the CardDAV standard, so there are a couple of situations in which certain data hasn't synced properly. But, again, these issues have nothing to do with the DAVDroid app itself, which is excellent.

This is why i stay with CardDAV-Sync and CalDAV-Sync. The latter is compatible with a task app from the same author.
I'm using DAVdroid in combination with Owncloud, which works very well. Unfortunately though the author does not want to add support for self-signed certificates, which is not a huge problem for us technical people (we can manually import the certificate into Android and deal with the silly consequences that brings), but it's a dealbreaker for being able to get the rest of my family off of google and onto owncloud.
Yeah, the certificate situation on Android is really sad, if you cannot afford to buy/get a "proper" cert.

I wish more applications would provide an easy way to use self-signed certs without totally compromising security.

Edit: link to davdroid issue: https://github.com/rfc2822/davdroid/issues/3

StartSSL offers free certs.
until they're blacklisted by everyone because nobody revokes their compromised certs because it costs money to do so

StartSSL's heart is in the right place but they're throttling the edge and very close to being ostracized completely.

Looks like we crashed the site. I'm ironically getting SSL errors trying to log in.
Did you try adding your CA to /system/etc/security/ ?
Oh, it works fine for me. The problem is with the average person who doesn't know or want to know what a self-signed certificate is.

"When you first connect, it will show you a popup with a long set of characters. Check if it ends with A4FE and if so, click yes" is the very maximum I might be able to squeeze out of them. Manually importing a certificate in the trust store and dealing with the scary warnings ("Someone is monitoring your connection!") it generates is a no go.

If you add it to that directory it won't show any warnings. Still, not so good for the average person because it requires root and might not persist between updates.
Same here. I bought the app last year, but I can't use it without support for self-signed certs.
did you try the authors brand new app? it's called CAdroid and imports self signed certs to android

see: cadroid.bitfire.at (it's free)

I saw it in the app store. Apparently it just imports certificates into Android's cert store -- something that you can easily do with a browser, email or file sharing app.

But it's a sign that support for self-signed certs is coming. Along with this pull request, that he just closed (not sure what the status is):

https://github.com/rfc2822/davdroid/pull/194

I discovered various CardDAV servers listed on Davdroid's homepage. I just installed Baikal server and worked flawlessly with Davdriod. THanks OP and DAVdroid !