Win a copy of The Little Book of Impediments (e-book only) this week in the Agile and Other Processes forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Midlet Signing..

 
Deepan Devadasan
Ranch Hand
Posts: 226
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi..

I have come across a need to move the MIDP application from the untrusted domain to trusted domain..

I have some mixed understanding about the whole process..

Can someone provide me an overall view of the process..

And what is Java Verification Process... and the role in the Signing of the the MIDLet...


Thanks in advance

Theepan...
 
Shoumin Li
Ranch Hand
Posts: 85
 
Punit Raizada
Ranch Hand
Posts: 156
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The articles posted in the above reply do provide some detailed information about the certification process.

As a developer, I would like to add a few quikies:

1) There is no magic bullet certificate that is going to place your application in the trusted domain on all the handsets. Know what devices you are aiming for.

2) When possible, go with the Carrier certificate. This is guaranteed to work on their phones atleast.

3) Java verified program is a good initiative and has all my support but the Geotrust cert they attach does not really have value in terms of placing your application in the trusted domain on the devices ( as of 2007). Their device range is bound to increase with time. I would advice to go through the process early on so that your application is tested through their criteria. BUT dont count only on the Geotrust cert they place in your JAD.

That was just my 2 cents.
 
George Kalfas
Greenhorn
Posts: 22
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Greetings to you all!!

I've read all the articles that Shoumin posted and I was very disturbed by what I've learned from them. Signing is necessary ofcourse, but transforming this need into a money making machine is just a shame! Especially for Sun( I expected something like that from the manufacturers!!).

Well I have two quick questions:
1)I've read some posts in other forums that it is possible to hack some phones so that they trust every application, and never ask permission. Is this a fact or a myth? In my project I need to use a Nokia n95 phone, owned by a relative, and my midlet's only being developed especially for that phone. If I could hack it that would suit me better than paying 240$ to Java verified...

2)If you download somehow a trusted midlet, is the key contained in the jar or the jad file?

Thank you in advance!!
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic