

Deciding on the Type of Certificate to Sign an Application


After you install the SDK certificates on your device, you must decide how to sign your application: privileged, unprivileged, or unsigned. You will use the same type of certificate for your day-to-day development that you will use when you release your application. The only difference is that during development you will use an SDK certificate, and when you release, you will use a certificate controlled by Mobile2Market, an OEM, or a mobile operator.

Privileged

If your application needs to run trusted on a two-tier device, you need to sign your application with a privileged certificate. For day-to-day development, use SDKSamplePrivDeveloper.pfx. The advantage of signing with a privileged certificate is that your application can call any API, and there are essentially no security restrictions on what your application can do. The disadvantage of signing with a privileged certificate is that when you release your application, you have to ensure that your application is signed with a certificate that is in the privileged store of the real device.

For more information about trusted APIs, see Trusted APIs.

Most Windows Mobile-based devices ship with the Mobile2Market privileged certificate. Your application will work on these devices if you sign it through the Privileged Signing program of Mobile2Market.

However, Smartphones on some mobile operator networks ship without the Mobile2Market privileged certificates. On these devices, you have to ask the OEM or mobile operator to sign your application, and that organization may be very restrictive about what applications it is willing to sign.

Because of these requirements, if you want your application to run on all devices from all operators, you need to have different versions of your application that are each signed with a different certificate.

Unprivileged

You can sign your application with an unprivileged certificate. For day-to-day development, use SDKSampleUnprivDeveloper.pfx. Most applications can run fine without needing to call any trusted APIs. All devices that currently ship have the Mobile2Market unprivileged certificate. If a device does not have the Mobile2Market certificate, the OEM or mobile operator would need to sign your application.

Unsigned

The advantage of an unsigned application is that it is the easiest to produce. You do not need to contact any third-party signing authority. The disadvantage is that the application runs only on a two-tier-prompt, one-tier-prompt, or security-off device.


© 2006 Microsoft Corporation. All rights reserved.