Confuse with the root certificate. Is it the root certificate the same as private key? or different thing. When the signer generate a key pair, the private key can be used as the root certificate?
How to understand these two sentence regarding the signing certificate:
1) "Developer generates a private-public key pair with a signing certificate and has the certificate signed by one or more protection domain root certificates"
2) "The protection domain stakeholder�s signing certificate (not necessarily the root cert) is used to sign the MIDlet JAR and create the associated JAD entries"
More questions: How the signer associate the protected domain with the signed MIDlet during the signing procedure? Does the signer has the control which the protected domain or root certificate to use to sign a MIDlet suite? Do I need a root certificate during the signing procedure? If a device has more than one root certificate, how do I know a signed MIDlet is associated which protected domain?