So we can upload apps with different keys? OK, that's new to me, but I agree better not to do it as they will still have the key.
But you say you can compile it unsigned. This is more interesting. Can I then apply a key. Actually I can probably google that myself. Ideally, yes we will get the source code, but I'm not 100% certain that the contract we've signed means we will get the source code as they may have their own stuff in there. But thanks a lot, that gives me more options to research. On Friday, January 17, 2014 3:54:13 PM UTC, Nikolay Elenkov wrote: > > On Sat, Jan 18, 2014 at 12:45 AM, Russell Wheeler > <russellpe...@gmail.com <javascript:>> wrote: > > > > > Am I right in not giving out these security details, or being a little > > paranoid as only having one will always prevent malicious use as you'd > need > > the other. > > Yes. > > > > > Or can they > > > > 1) create an app and I resign it > > They can simply give you an unsigned APK. Better yet, source code > so you can build it yourself. > > > 2) sign it with a different key and we still upload it to our play > account > > > > This works too, but you can never be sure that they didn't keep a > copy of the key. > -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en --- You received this message because you are subscribed to the Google Groups "Android Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to android-developers+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.