MIDlet Suites
Attributes defined within the manifest of the JAR are protected by the signature. At-
tributes defined within the JAD are not protected or secured. Attributes that appear
in the manifest (JAR file) will not be overridden by a different value in the JAD for all
trusted MIDlets. If a MIDlet suite is to be trusted, the value in the JAD will equal the
value of the corresponding attribute in the manifest (JAR file), if not, the MIDlet suite
will not be installed.
The attributes MIDlet-Permissions (-OPT) are ignored for unsigned MIDlet suites. The
untrusted domain policy is consistently applied to the untrusted applications. It is
legal for these attributes to exist only in JAD, only in the manifest, or in both loca-
tions. If these attributes are in both the JAD and the manifest, they will be identical.
If the permissions requested in the HAD are different than those requested in the
manifest, the installation must be rejected.
Methods:
1.
MIDlet.getAppProperty will return the attribute value from the manifest
(JAR) if one id defined. If an attribute value is not defined, the attribute
value will return from the application descriptor (JAD) if present.
8.14 Creating the Signing Certificate
The signer of the certificate will be made aware of the authorization policy for the
handset and contact the appropriate certificate authority. The signer can then send
its distinguished name (DN) and public key in the form of a certificate request to the
certificate authority used by the handset. The CA will create a x.509 (version 3) cer-
tificate and return to the signer. If multiple CAs are used, all signer certificates in the
JAD will have the same public key.
8.15 Inserting Certificates into JAD
Java ME Developer Guide
Chapter 8 - MIDP 2.0 Security Model
[59/201]
DRAFT - Subject to Change