Recently there was a discussion in Flash Lite Yahoo Group about signing the SIS files. And fees involved in signing the SIS files. So, I thought to post about my findings on it and also that SWF2Go does not require Symbian Signed.
I was able to find some pointers that I believe will help other developers. Most of the things are already defined in S60 SDK Docs. I am quoting some text from the S60 3rd Edition FP1 SDK Docs.
The first thing we need to know is the deference between Developer Certificate and Self Certificate. I searched the SDK Docs, and found this:
S60 3rd Edition includes mandatory .sis file signing, which means that all .sis files must be signed before installing them to the device. The type of certificate needed for an application depends on the capabilities it uses. The following table explains the different kinds of certificates needed:
Self Signed Certificate
When an application requires no capabilities or utilizes APIs, which are open to all. This can be used when testing an application in one’s own device or when shipping the application.
Note: The application is regarded as Untrusted if signed with the Self Signed Certificate.
This process is recommended for freeware applications using unrestricted capabilities.
When testing the application in developer’s own device(s). This certificate is received from Symbian.
The Symbian Developer Certificate can be used by developers to sign their applications in order to obtain the restricted capabilities for device testing. The certificate is restricted to a certain set of IMEIs and the set cannot be changed. There are a few requirements to get a Symbian Developer Certificate.
Mandatory if the application is using capabilities beyond the scope of APIs open to all and the application is shipped.
As described above, Developer Certificate is locked to certain IMEIs for testing applications which uses capabilities that are not user grantable at the time of installation. In my personal experience when I requested a Developer Certificate from SymbianSigned.com, It was locked to only one IMEI.
Here’s another quote from S60 3rd Edition FP1 SDK Docs describing Self Certificate
S60 3rd Edition SDK for Symbian OS, Supporting Feature Pack 1, for C++
Getting Started >> Main Steps of Application Development
Self Signed Certificate
In S60 3rd Edition application development all .sis files must be signed before installing them to a device. When an application requires no capabilities or utilizes APIs which are open to all, you can use the Self Signed certificate. This can be used when testing an application in one’s own device or when shipping the application. Using the Self Signed certificate is recommended for freeware applications using unrestricted capabilities.
Note: Applications are regarded as Untrusted if signed with the Self Signed certificate.
This also means that if you make your own SWF launcher and SIS for it, you can Self Sign it and sell it via your website or content aggregators who don’t require Symbian Signed criteria, such as Handango.com or Clickgamer.com
Also, in my research, I found that most of the general users have set the Software Install to All. Maybe because they may have tried or using some freeware tool(s), such as screen capturing or filemanager.
Its good that Flash Lite developers can sell thier games and applications without paying heavy signing fees.
Note: These are my personal findings on the topic, they might be incorrect, or may have differences.
// chall3ng3r //