I couldn't find any documents describing the benefits of having a CA- signed certificate that developers can use for signing their APKs. Could anyone enlighten me if CA-signed certificate are any stronger than self-signed? Are there any permissions, for example, that a self- signed certificate is not enough for?
Another question is that if any developers can sign their apps freely without any consequences (I mean there's no accountability on self- signed certificates) what will really prevent malware from spreading? Community rating? The $25 entry fee to Android Market? I'm still missing something more convincing ... Tote
