Please note that as of October 24, 2014, the Nokia Developer Wiki will no longer be accepting user contributions, including new entries, edits and comments, as we begin transitioning to our new home, in the Windows Phone Development Wiki. We plan to move over the majority of the existing entries over the next few weeks. Thanks for all your past and future contributions.

Signed to Either Operator or Manufacturer Domain

From Wiki
Jump to: navigation, search
Article Metadata
Series 40
Created: grahamhughes (05 Sep 2009)
Last edited: hamishwillee (25 Jul 2013)

Needs-update.pngThis article needs to be updated: If you found this article useful, please fix the problems below then delete the {{ArticleNeedsUpdate}} template from the article to remove this warning.

Reasons: hamishwillee (19 Jul 2012)
Moderators note:- There is a need for cross reference and citation for example to the article How to get IMEI in Java ME and therefore this text could have been better by being added to the original article. - added to template by HamishW

What Does This Mean?

Signing a Java application is not simply a matter of "signed" or "unsigned". Different signatures give the application access to different security "domains".

Normally, a signed application has access to the "trusted third party domain". This is usually the case for applications signed with Thawte, Verisign or Java Verified certificates (assuming the root certificate is on the phone).

The "operator domain" is available only to applications signed by the network operator (the one who issued the SIM card in the phone). An operator-signature will be accepted only by phones with that operator's SIM card, so a Vodafone signed application will not work in a device with an Orange SIM card.

The "manufacturer domain" is available only to applications signed by the manufacturer of the device. An application signed by Nokia will be rejected by a Motorola device.

How Do I Get My App Manufacturer or Operator Signed?

You might not be able to. Often, this level of access to the device is reserved for pre-installed applications, or applications that are part of some value-added service offered by the network operator. This is the highest level of trust, and give an application the highest level of access to the device, including the ability to bypass some of the normal security measures. At the very least, you will need a close business relationship with the manufacturer or operator. If you're working on a contract for the manufacturer or operator, or you're a well established company with a few million dollars of professional indemnity insurance, then you're off to good start.

If you're a student or an independent developer, you might be wise to consider an alternative solution.

Extra Information

This article goes more in-depth explaining the different types of security domains/permissions and what they stand for :

This page was last modified on 25 July 2013, at 03:02.
151 page views in the last 30 days.

Was this page helpful?

Your feedback about this content is important. Let us know what you think.


Thank you!

We appreciate your feedback.