Hi all,
I am new to mobile application developing. I have just finished a java based application and I plan it to be signed (or verified), but I could not find satisfying answers to my questions in mind reading the documents and forums. Let me give a summary of my application before asking your help.

- Application targets nokia s60 3rd and 5th edition. But I will port it to nokia s40 and sony ericsson in future if it is possible.
- Application will be installed over the air by a sis file. sis file contains two symbian c++ console exes and one java jar file. jar file is the main application, one of the symbian exe is for auto start up, and the other symbian exe is for jar installation.
- java app needs permissions to use networking(sockets(just localhost) and UDP) and gps properties, also jad file has the property Nokia-MIDlet-No-Exit:True. Auto starter symbian exe uses boot up registration and sockets(just localhost). Other exe does not need any permissions except jad file access (and deleting it).

My main question is: Should I sign all of the applications separately?

If the answer is true (I suppose it is), I plan to use Java verified program to sign the java app since both symbian and java seems to require the same publisherId. Is it true that one publisherId obtained from trustCenter is enough for signing both a java app and a symbian app?

Also i dont want any user notification caused by permissions through runtime, is ExpressSigned and java verified enough to achieve this?

And last question, in java verified program, suppose that my application is rejected by the test house. Then should I repay for each test until the application is accepted?

Any answers or hints will be appreciated.