symbian Developer Certificates Svn ian is introducing freeD able develone wae8Uisoohceeanato elop and isvalidated by therAC PuDthey willaarm Unsigned or Symbian Signed ia the existin publicly acce for the very limited number of developers who need to obtain such access. fhneapgneap5caomahnsnanbomtoocgheegrwgapIetoeotheaneatsatceasgaggentee ou do need to consider how S arket Sv ieSn9yDehaendocedanmseamaeece nbian Signed is areeeedstniardonwhatseatmredionan appications to be Symbian Signed before they distribute them.in order to help boost user confidence. xpecting The Symbian Signed process basically remains: ·au8asceaabeRgeyneceticaeauharTmsaccasepdeieae You pre-test against the Symbian Signed test criteria on your own phone(s) tunity to join the eatganneBeaetie3thise Spcnegn8aEeiedpbeiaehsygandntoducngepandedrouestomaketorsnalertSvs.adfewaeand Conclusion Over the next 3-6 months you need an action plan in place to ensure that: .Your technical staff understand important changes in Symbian OS v9 www.symbian.comDeveloper Certificates Symbian is introducing free ‘Developer Certificates’ (DevCerts) to enable developers to write and test Symbian OS applications on target devices before submitting them for signing. DevCerts allow you to access sensitive capabilities on your own phone and to freely develop and debug your applications without the need for special phone software builds or other expensive alternatives. Importantly, not all applications need access to sensitive capabilities, so not all applications will require a Developer Certificate. Individual developers can register at the Symbian Signed website and download free Developer Certificates restricted to a single phone (via the IMEI number) with a validity period of six months. Professional development organisations, with an ACS Publisher ID, can get DevCerts that work on up to 20 devices with a validity period of six months. As their identity is validated by their ACS Publisher ID, they will also gain slightly more access to some of the sensitive capabilities. Unsigned or Symbian Signed Once you have completed your development, the next phase is to decide whether to leave your application unsigned or pass it through Symbian Signed. The great news is that Symbian OS v9 will not introduce a significant amount of change from what is happening already with Symbian Signed and existing versions of Symbian OS. For applications which use sensitive system functionality, the enhanced security model means it will be necessary to pass through Symbian Signed in order for your application to access these APIs. In most cases, signing will be via the existing, publicly accessible Symbian Signed process. However the ‘right’ to sign against some very inner core functionality – such as DRM or granting access to the underling file system – will only be possible with permission from the specific phone manufacturer. Details of this process are available on the Symbian Signed site for the very limited number of developers who need to obtain such access. As an unsigned application has no proof of origin the user will continue to see the familiar ‘health warning’ to advise that the application is from an unknown source. So, even if your application does not need to access any sensitive API, you do need to consider how Symbian Signed may be beneficial for your route-to-market. Symbian Signed is increasingly being endorsed and used as the industry-wide agreed standard on what is required from an application to be distributed to mass-market devices. Already an increasing numbers of channels are expecting applications to be Symbian Signed before they distribute them, in order to help boost user confidence. The Symbian Signed process basically remains: ƒ You obtain an ACS Publisher ID from VeriSign (the certificate authority). This is a crucial step and effectively provides assurance of organisational identity ƒ You pre-test against the Symbian Signed test criteria on your own phone(s) ƒ You submit your application to one of the independent test houses (currently NSTL, MphasiS, and CapGemini). Turnaround time for testing is usually around one week. For Symbian’s Platinum Partners and large ISVs that meet the eligibility criteria, there is the opportunity to join the Self Certification program. Self Certification allows you to run the test criteria in you own QA process, rather than requiring an independent test house. Symbian Signed will be announcing and introducing expanded routes to market for smaller ISVs, and freeware and open source developers later this year. Conclusion Over the next 3-6 months you need an action plan in place to ensure that: ƒ Your technical staff understand important changes in Symbian OS v9