Merge "CDD: Clarified hardware-backed keystore requirement." into nougat-mr1-dev am: 83536f4d73 Change-Id: I31be9f20b45380a086b4a44d7f56706e85f6083d

commit: 06f0abad22b6264495a401c2728426e909052638 [log] [tgz]
author: Vikas Marwaha <vikasmarwaha@google.com> Thu Apr 20 18:05:02 2017 +0000
committer: android-build-merger <android-build-merger@google.com> Thu Apr 20 18:05:02 2017 +0000
tree: 367608cab9ecb960a1a0f55d0f44bd79a4d7935a
parent: 2857591d64b9a1596abaf9f69aa9b00d60b5e1bd [diff]
parent: 83536f4d736ed9e5498dbea1dd9483f4cddd48d7 [diff]
diff --git a/9_security-model/9_11_keys-and-credentials.md b/9_security-model/9_11_keys-and-credentials.md
index 8cb497b..0d0dff2 100644
--- a/9_security-model/9_11_keys-and-credentials.md
+++ b/9_security-model/9_11_keys-and-credentials.md

@@ -24,9 +24,10 @@
     (HAL)](http://source.android.com/devices/tech/security/authentication/gatekeeper.html)
     that can be used to satisfy this requirement.
 
-Note that if a device implementation is already launched on an earlier Android version, and does
-not have a fingerprint scanner, such a device is exempted from the requirement to have a
-hardware-backed keystore.
+Note that if a device implementation is already launched on an earlier Android
+version, such a device is exempted from the requirement to have a
+hardware-backed keystore, unless it declares the `android.hardware.fingerprint`
+feature which requires a hardware-backed keystore.
 
 ### 9.11.1\. Secure Lock Screen
commit	06f0abad22b6264495a401c2728426e909052638	[log] [tgz]
author	Vikas Marwaha <vikasmarwaha@google.com>	Thu Apr 20 18:05:02 2017 +0000
committer	android-build-merger <android-build-merger@google.com>	Thu Apr 20 18:05:02 2017 +0000
tree	367608cab9ecb960a1a0f55d0f44bd79a4d7935a
parent	2857591d64b9a1596abaf9f69aa9b00d60b5e1bd [diff]
parent	83536f4d736ed9e5498dbea1dd9483f4cddd48d7 [diff]