• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Understanding Signed MIDlet Suite with x.509 PKI?

 
Ranch Hand
Posts: 147
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I have some questions regarding the Signed MIDlet Suite with x.509 PKI?

1)Can I create a root certifcate or a protected domain?
2)How the signer associates a protected domain with a signed MIDlet during the signing procedure?
3)Does the signer has the control which the protected domain or root certificate to use to sign a MIDlet suite?
4)Do I need a root certificate during the signing procedure?
5)If a device has more than one root certificate, how do I know a signed MIDlet is associated which protected domain?

Any thoughts about those questions?
[ October 07, 2004: Message edited by: Alibabra Sanjie ]
 
author
Posts: 1436
6
Python TypeScript Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
1. You cannot. Only device manufacturer and operators can create those.

2. Use a certificate that is approved and trusted by the manufacturer or operator -- you probably need to pay for that.

3. You can use any valid certificate to sign but it is typically placed in "3rd party trusted" domain unless you have agreement with the operator etc.

4. You do not need root cert.

5. You do not know. You need to pay the operator to get a trusted cert for you.
 
Alibabra Sanjie
Ranch Hand
Posts: 147
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks Michael Yuan!

More questions:
1) Operators mean "CA - Certificate Authorization"?
2) Is it the root certificate the same as private key? or different thing. When the signer generate a key pair, the private key can be used as the root certificate? If yes, how the newly create root certificate - private key put into the devices
3) If I develop a MIDlet suite, and want to sign. Do I has to get manufacturer invloved? how about the concept of "3rd party trusted" domain?
4) How do I obtain a certificate that is approved and trusted by the manufacturer or operator to sign a third party MIDlet suite? Is it inside the device? or have to request from the manufacturer?
5) How the root certificate verify - match the signer certificate in the certificate-path in the JAD? Does it follow the PKI - privte key should match the public key?
[ October 07, 2004: Message edited by: Alibabra Sanjie ]
 
Ranch Hand
Posts: 156
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi All,

I am a bit confused too about the certification process. This is what i think should be dont (Please Please correct me if I am wrong)

1) I make a Jad and Jar
2) I apply for a certificate to verisign and provide them my details. Does anyone know the link ?? i couldnt find it on their website
3) Then I will use this certificate to sign my JAR..

Step 2 and 3 are fuzzy to me... can some one who has been through this please elaborate

Regards
 
They worship nothing. They say it's because nothing is worth fighting for. Like this tiny ad:
a bit of art, as a gift, the permaculture playing cards
https://gardener-gift.com
reply
    Bookmark Topic Watch Topic
  • New Topic