Mercurial Mercurial > oss > FCL > sftools > depl > docscontent / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Symbian3/PDK/Source/GUID-AFBD4ED6-9588-531C-8EDF-566DB1D03088.dita
changeset 3 46218c8b8afa
parent 1 25a17d01db0c
child 5 f345bda72bc4 
--- a/Symbian3/PDK/Source/GUID-AFBD4ED6-9588-531C-8EDF-566DB1D03088.dita	Thu Mar 11 15:24:26 2010 +0000
+++ b/Symbian3/PDK/Source/GUID-AFBD4ED6-9588-531C-8EDF-566DB1D03088.dita	Thu Mar 11 18:02:22 2010 +0000
@@ -1,80 +1,80 @@
-<?xml version="1.0" encoding="utf-8"?>
-<!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. -->
-<!-- This component and the accompanying materials are made available under the terms of the License 
-"Eclipse Public License v1.0" which accompanies this distribution, 
-and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". -->
-<!-- Initial Contributors:
-    Nokia Corporation - initial contribution.
-Contributors: 
--->
-<!DOCTYPE concept
-  PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd">
-<concept id="GUID-AFBD4ED6-9588-531C-8EDF-566DB1D03088" xml:lang="en"><title>Signing
-SIS Files</title><prolog><metadata><keywords/></metadata></prolog><conbody>
-<p>An installation (SIS) file must be signed with a digital signature, which
-helps in verifying the identity of the vendor. This ensures that the file
-has not been tampered with since it was signed. </p>
-<p>Software install package files can be signed multiple times. However, it
-is not required to sign the file with multiple signatures at the same time.
-Signatures can be added and removed from a package file at any time if the
-relevant keys are available. <xref href="GUID-B20EE8A3-D7B2-5872-AF43-001A88C1A46E.dita">SignSIS</xref> supports
-the signing of SIS files with self-signed certificates or Symbian developer
-certificates. </p>
-<section id="GUID-52029821-0FA4-58C7-94B9-C6B845C42098"><title>Self-signed
-certificates</title> <p>The term <i>self-signed</i> means that the SIS file
-is signed by the creator of the SIS file. A SIS file is <i>self-signed</i> if
-it signed by a certificate that has been self generated. For example, using <xref href="GUID-557BF1DA-B6E8-521B-89F0-15C84E3BCB1A.dita">MakeKeys</xref>. </p> <p>SIS
-files can be signed by Symbian application developers for programs that: </p> <ul>
-<li id="GUID-E2CB54EA-B638-5589-88FF-36DDA57E3388"><p>do not use any APIs
-protected by capability checks. </p> </li>
-<li id="GUID-717FBB11-F58A-5DE5-855A-F41A0CC9AF1B"><p>only require platform
-security capabilities that belong to the "user" or "basic" capabilities group.
-If the Software Installer is required to install a program with these capabilities,
-it can display capability information to the Symbian device user and provide
-an option to continue or cancel the installation. </p> <p>As long as the application
-requests no system capabilities, self-signed SIS files can be installed depending
-on how the installation policy has been configured by the device creator. </p> </li>
-</ul> <p> <b>Note</b>: Self-signed SIS files are not associated with a root
-certificate present on the device. </p> </section>
-<section id="GUID-95FEC08E-0E38-5F88-9FE5-D2DE16BE08FD"><title>Symbian developer
-certificates</title> <p>To test applications on Symbian devices, the SIS file
-can be signed with a Symbian developer certificate. This allows the application
-to be installed without the need for an external testing and signing process.
-Symbian developer certificates can be obtained through <xref href="http://www.symbiansigned.com" scope="external">www.symbiansigned.com</xref>. </p> <p>The usage of Symbian
-developer certificates is restricted to the following: </p> <ul>
-<li id="GUID-01E1055E-C77B-5C42-B54F-EF7A396669BD"><p>Usage with one or more
-listed phones only (through the IMEI/ESN number). </p> </li>
-<li id="GUID-D78F1294-5BB2-52BE-BA31-C06D72261B28"><p>Validity until a specific
-date, after which the certificate expires. </p> </li>
-<li id="GUID-676EB812-5C9B-5291-8746-6FA50B41F651"><p>An agreed set of capabilities
-that the certificate can grant. </p> </li>
-<li id="GUID-8C79AB5F-6708-538E-A0EA-71D493D3D576"><p>A set of SIDs of executables
-that can be installed by the SIS file. If the SIS file package UID is in the
-protected range then it must be included in the list of UIDs in the certificate. </p> </li>
-</ul> <p> <b>Note</b>: A Symbian developer certificate is indirectly signed
-against one of the Symbian root certificates, which are present on the Symbian
-device by default. </p> </section>
-<section id="GUID-C35BB441-E849-5CC4-B1B8-C50C6F250129"><title>Symbian signed
-program</title> <p>Some applications require platform security capabilities
-that cannot be granted by the Symbian application developer. These programs
-must be tested externally and signed with a certificate, which the Software
-Installer recognizes as provided by a trusted entity. </p> <p>This process
-is done through the Symbian Signed programme. For details on ACS Publisher
-ID certificates, Symbian developer certificates and the signing process, see <xref href="http://www.symbiansigned.com" scope="external">www.symbiansigned.com</xref>. </p> </section>
-<section id="GUID-D04B60BA-59A7-59FF-824F-2DC27CE01B74"><title> MANDATORY
-certificates </title> <p>If a certificate is marked as <codeph>MANDATORY</codeph> then
-any package certificate presented during the software installation, must have
-a certificate chain that resolves to this certificate (and any other certificates
-marked as <codeph>MANDATORY</codeph>). If the certificate chain does not resolve
-to a mandatory certificate, the installation fails. This feature prevents
-any unauthorized applications from being installed on the device. </p> <p> <b>Note</b>:
-Unsigned or self-signed applications cannot be installed, if a <codeph>MANDATORY</codeph> certificate
-is present. </p> </section>
-</conbody><related-links>
-<link href="GUID-03BBEA31-3266-5B1C-9017-4EE7EA4AF1A8.dita"><linktext>Creating
-and Signing an Installation File</linktext></link>
-<link href="GUID-B20EE8A3-D7B2-5872-AF43-001A88C1A46E.dita"><linktext>SignSIS</linktext>
-</link>
-<link href="GUID-557BF1DA-B6E8-521B-89F0-15C84E3BCB1A.dita"><linktext>MakeKeys</linktext>
-</link>
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. -->
+<!-- This component and the accompanying materials are made available under the terms of the License 
+"Eclipse Public License v1.0" which accompanies this distribution, 
+and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". -->
+<!-- Initial Contributors:
+    Nokia Corporation - initial contribution.
+Contributors: 
+-->
+<!DOCTYPE concept
+  PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd">
+<concept id="GUID-AFBD4ED6-9588-531C-8EDF-566DB1D03088" xml:lang="en"><title>Signing
+SIS Files</title><prolog><metadata><keywords/></metadata></prolog><conbody>
+<p>An installation (SIS) file must be signed with a digital signature, which
+helps in verifying the identity of the vendor. This ensures that the file
+has not been tampered with since it was signed. </p>
+<p>Software install package files can be signed multiple times. However, it
+is not required to sign the file with multiple signatures at the same time.
+Signatures can be added and removed from a package file at any time if the
+relevant keys are available. <xref href="GUID-B20EE8A3-D7B2-5872-AF43-001A88C1A46E.dita">SignSIS</xref> supports
+the signing of SIS files with self-signed certificates or Symbian developer
+certificates. </p>
+<section id="GUID-52029821-0FA4-58C7-94B9-C6B845C42098"><title>Self-signed
+certificates</title> <p>The term <i>self-signed</i> means that the SIS file
+is signed by the creator of the SIS file. A SIS file is <i>self-signed</i> if
+it signed by a certificate that has been self generated. For example, using <xref href="GUID-557BF1DA-B6E8-521B-89F0-15C84E3BCB1A.dita">MakeKeys</xref>. </p> <p>SIS
+files can be signed by Symbian application developers for programs that: </p> <ul>
+<li id="GUID-E2CB54EA-B638-5589-88FF-36DDA57E3388"><p>do not use any APIs
+protected by capability checks. </p> </li>
+<li id="GUID-717FBB11-F58A-5DE5-855A-F41A0CC9AF1B"><p>only require platform
+security capabilities that belong to the "user" or "basic" capabilities group.
+If the Software Installer is required to install a program with these capabilities,
+it can display capability information to the Symbian device user and provide
+an option to continue or cancel the installation. </p> <p>As long as the application
+requests no system capabilities, self-signed SIS files can be installed depending
+on how the installation policy has been configured by the device creator. </p> </li>
+</ul> <p> <b>Note</b>: Self-signed SIS files are not associated with a root
+certificate present on the device. </p> </section>
+<section id="GUID-95FEC08E-0E38-5F88-9FE5-D2DE16BE08FD"><title>Symbian developer
+certificates</title> <p>To test applications on Symbian devices, the SIS file
+can be signed with a Symbian developer certificate. This allows the application
+to be installed without the need for an external testing and signing process.
+Symbian developer certificates can be obtained through <xref href="http://www.symbiansigned.com" scope="external">www.symbiansigned.com</xref>. </p> <p>The usage of Symbian
+developer certificates is restricted to the following: </p> <ul>
+<li id="GUID-01E1055E-C77B-5C42-B54F-EF7A396669BD"><p>Usage with one or more
+listed phones only (through the IMEI/ESN number). </p> </li>
+<li id="GUID-D78F1294-5BB2-52BE-BA31-C06D72261B28"><p>Validity until a specific
+date, after which the certificate expires. </p> </li>
+<li id="GUID-676EB812-5C9B-5291-8746-6FA50B41F651"><p>An agreed set of capabilities
+that the certificate can grant. </p> </li>
+<li id="GUID-8C79AB5F-6708-538E-A0EA-71D493D3D576"><p>A set of SIDs of executables
+that can be installed by the SIS file. If the SIS file package UID is in the
+protected range then it must be included in the list of UIDs in the certificate. </p> </li>
+</ul> <p> <b>Note</b>: A Symbian developer certificate is indirectly signed
+against one of the Symbian root certificates, which are present on the Symbian
+device by default. </p> </section>
+<section id="GUID-C35BB441-E849-5CC4-B1B8-C50C6F250129"><title>Symbian signed
+program</title> <p>Some applications require platform security capabilities
+that cannot be granted by the Symbian application developer. These programs
+must be tested externally and signed with a certificate, which the Software
+Installer recognizes as provided by a trusted entity. </p> <p>This process
+is done through the Symbian Signed programme. For details on ACS Publisher
+ID certificates, Symbian developer certificates and the signing process, see <xref href="http://www.symbiansigned.com" scope="external">www.symbiansigned.com</xref>. </p> </section>
+<section id="GUID-D04B60BA-59A7-59FF-824F-2DC27CE01B74"><title> MANDATORY
+certificates </title> <p>If a certificate is marked as <codeph>MANDATORY</codeph> then
+any package certificate presented during the software installation, must have
+a certificate chain that resolves to this certificate (and any other certificates
+marked as <codeph>MANDATORY</codeph>). If the certificate chain does not resolve
+to a mandatory certificate, the installation fails. This feature prevents
+any unauthorized applications from being installed on the device. </p> <p> <b>Note</b>:
+Unsigned or self-signed applications cannot be installed, if a <codeph>MANDATORY</codeph> certificate
+is present. </p> </section>
+</conbody><related-links>
+<link href="GUID-03BBEA31-3266-5B1C-9017-4EE7EA4AF1A8.dita"><linktext>Creating
+and Signing an Installation File</linktext></link>
+<link href="GUID-B20EE8A3-D7B2-5872-AF43-001A88C1A46E.dita"><linktext>SignSIS</linktext>
+</link>
+<link href="GUID-557BF1DA-B6E8-521B-89F0-15C84E3BCB1A.dita"><linktext>MakeKeys</linktext>
+</link>
 </related-links></concept>
\ No newline at end of file
FCL/sftools/depl/docscontent