Unlike a lot of systems, Android does not use certificates to control
which applications can be installed on a given device.  Doing so would
require a central authority that would have the power to reject
applications, and this goes against the open nature of the platform.

Instead, the only piece of information that we can derive from the
certificates is "is app A signed by the same private key as app B?"
Assuming that private keys are under the strict control of the
developers that own them, we use this to answer the more useful
question "did these apps come from the same place?"  Apps that are
signed with the same key are allowed to work together more tightly,
sharing data and resources in ways that non-commonly-signed apps
cannot.

You could decide to use a cert that chains back to a CA like Thawte or
Verisign, but the Android system won't notice.  But the user of an
application could potentially use this information to verify your
credentials.  There's no current built-in way to do this in the
Android platform or marketplace, but such functionality could always
be added.

So, no, CA-signed certs aren't any different from self-signed certs on Android.

--dbort

On Wed, Feb 4, 2009 at 3:06 PM, Tote <[email protected]> wrote:
>
> I couldn't find any documents describing the benefits of having a CA-
> signed certificate that developers can use for signing their APKs.
> Could anyone enlighten me if CA-signed certificates are any stronger
> than self-signed? Are there any permissions, for example, that a self-
> signed certificate is not enough for?
>
> Another question is that if any developers can sign their apps freely
> without any consequences (I mean there's no accountability on self-
> signed certificates) what will really prevent malware from spreading?
> Community rating? The $25 entry fee to Android Market? I'm still
> missing something more convincing ...
>
> Tote
>
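
An added example, not part of the original thread and not Android's own code: a simplified model of the "same signer?" check described in the reply, which compares the certificates embedded in two APKs byte for byte and never validates a chain or looks at the issuer. It assumes JAR-style signature blocks (META-INF/*.RSA, PKCS#7 with definite-length DER); the helper names and the sample APKs are constructed for illustration.

```python
import hashlib, io, zipfile

def der_items(buf):
    """Yield (tag, value, raw) for each DER element in buf (definite lengths only)."""
    i = 0
    while i < len(buf):
        tag, n, j = buf[i], buf[i + 1], i + 2
        if n & 0x80:                       # long form: low 7 bits = number of length bytes
            k = n & 0x7F
            n, j = int.from_bytes(buf[j:j + k], "big"), j + k
        yield tag, buf[j:j + n], buf[i:j + n]
        i = j + n

def signer_certs(apk_bytes):
    """SHA-256 digests of the certificates found in the APK's signature blocks."""
    digests = set()
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as z:
        for name in z.namelist():
            if name.startswith("META-INF/") and name.upper().endswith((".RSA", ".DSA", ".EC")):
                [(_, content_info, _)] = der_items(z.read(name))   # ContentInfo SEQUENCE
                _oid, (_, explicit0, _) = der_items(content_info)  # contentType, [0] EXPLICIT
                [(_, signed_data, _)] = der_items(explicit0)       # SignedData SEQUENCE
                for tag, value, _ in der_items(signed_data):
                    if tag == 0xA0:                                # certificates [0] IMPLICIT
                        digests |= {hashlib.sha256(raw).hexdigest()
                                    for _, _, raw in der_items(value)}
    return digests

def same_signer(apk_a, apk_b):
    """True only if both APKs are signed and carry identical certificate sets."""
    a, b = signer_certs(apk_a), signer_certs(apk_b)
    return bool(a) and a == b              # no issuer or chain check anywhere

# --- constructed sample input (not real certificates) ---
def tlv(tag, value):
    n = len(value)
    k = (n.bit_length() + 7) // 8
    length = bytes([n]) if n < 0x80 else bytes([0x80 | k]) + n.to_bytes(k, "big")
    return bytes([tag]) + length + value

def fake_apk(cert_payload):
    cert = tlv(0x30, cert_payload)         # stand-in for an X.509 Certificate
    signed_data = tlv(0x30, tlv(0x02, b"\x01") + tlv(0x31, b"") + tlv(0x30, b"")
                      + tlv(0xA0, cert) + tlv(0x31, b""))
    pkcs7 = tlv(0x30, tlv(0x06, bytes.fromhex("2a864886f70d010702")) + tlv(0xA0, signed_data))
    out = io.BytesIO()
    with zipfile.ZipFile(out, "w") as z:
        z.writestr("META-INF/CERT.RSA", pkcs7)
    return out.getvalue()
```

The comparison gives the same answer whether the certificate bytes came from a CA or were self-generated; only equality between the two packages matters.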
