So we can upload apps with different keys? OK, that's new to me, but I agree better not to do it as they will still have the key.
But you say you can compile it unsigned. This is more interesting. Can I then apply a key. Actually I can probably google that myself. Ideally, yes we will get the source code, but I'm not 100% certain that the contract we've signed means we will get the source code as they may have their own stuff in there. But thanks a lot, that gives me more options to research. On Friday, January 17, 2014 3:54:13 PM UTC, Nikolay Elenkov wrote: > > On Sat, Jan 18, 2014 at 12:45 AM, Russell Wheeler > <[email protected] <javascript:>> wrote: > > > > > Am I right in not giving out these security details, or being a little > > paranoid as only having one will always prevent malicious use as you'd > need > > the other. > > Yes. > > > > > Or can they > > > > 1) create an app and I resign it > > They can simply give you an unsigned APK. Better yet, source code > so you can build it yourself. > > > 2) sign it with a different key and we still upload it to our play > account > > > > This works too, but you can never be sure that they didn't keep a > copy of the key. > -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en --- You received this message because you are subscribed to the Google Groups "Android Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
