Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / docs / source.android.com / 1837864312f2ad4b1ee15ea9f3f0f818ff32d2ad^! / .
commit1837864312f2ad4b1ee15ea9f3f0f818ff32d2ad[log] [tgz]
authorUnsuk Jung <unsuk@google.com>Mon May 18 19:26:50 2015 -0700
committerUnsuk Jung <unsuk@google.com>Fri Jun 05 20:37:54 2015 +0000
tree6d7aad53a3373ba556e42936d20bab5accc18ffd
parent172a72263541f7267f0429c259e18f3b79e96e83 [diff]
Clarify req. for full range of Device Admin Policies and FDE

The full range of Device Admin Policies and Full Disk
Encryption is mandatory when the device supports a
lock screen with a numeric or alphanumeric password

Bug: 20659165

Change-Id: Ic371d1e14f19a0f9f6d5fc7079c9de50d87a5df4

diff --git a/src/compatibility/5.1/android-5.1-cdd.html b/src/compatibility/5.1/android-5.1-cdd.html
index bd8b17f..28367be 100644
--- a/src/compatibility/5.1/android-5.1-cdd.html
+++ b/src/compatibility/5.1/android-5.1-cdd.html

@@ -1427,10 +1427,14 @@
 <p>Android includes features that allow security-aware applications to perform
 device administration functions at the system level, such as enforcing password
 policies or performing remote wipe, through the Android Device Administration
-API [<a href="http://developer.android.com/guide/topics/admin/device-admin.html">Resources, 39</a>]. Device implementations MUST provide an implementation of the
-DevicePolicyManager class [<a href="http://developer.android.com/reference/android/app/admin/DevicePolicyManager.html">Resources, 40</a>]. Device implementations that include support for lock screen MUST support the
-full range of device administration policies defined in the Android SDK
-documentation [<a href="http://developer.android.com/guide/topics/admin/device-admin.html">Resources, 39</a>] and report the platform feature android.software.device_admin.</p>
+API [<a href="http://developer.android.com/guide/topics/admin/device-admin.html">Resources, 39</a>].
+Device implementations MUST provide an implementation of the DevicePolicyManager class
+[<a href="http://developer.android.com/reference/android/app/admin/DevicePolicyManager.html">Resources, 40</a>].
+Device implementations that include support for PIN (numeric) or PASSWORD
+(alphanumeric) based lock screens MUST support the full range of device
+administration policies defined in the Android SDK documentation
+[<a href="http://developer.android.com/guide/topics/admin/device-admin.html">Resources, 39</a>]
+and report the platform feature android.software.device_admin.</p>
 
 <p>Device implementations MAY have a preinstalled application performing device
 administration functions but this application MUST NOT be set out-of-the box as
@@ -4118,8 +4122,9 @@
 </div>
 
 
-<p>If the device implementation has a lock screen, the device MUST support
-full-disk encryption of the application private data, (/data partition) as well
+<p>If the device implementation supports a lock screen with PIN (numeric) or
+PASSWORD (alphanumeric), the device MUST support full-disk encryption of the
+application private data (/data partition), as well
 as the SD card partition if it is a permanent, non-removable part of the device
 [<a href="http://source.android.com/devices/tech/security/encryption/index.html">Resources, 107</a>]. For devices supporting full-disk encryption, the full-disk encryption SHOULD
 be enabled all the time after the user has completed the out-of-box experience.
@@ -4816,4 +4821,4 @@
 
 </div>
 </body>
-</html>
\ No newline at end of file
+</html>