Chapter 4 Application Deployment
This chapter describes features in Windows Mobile including new security features, how to package applications,
and procedures for deploying applications onto the MC65.
The MC65 implements a set of security policies that determine whether an application is allowed to run and, if
allowed, with what level of trust. To develop an application, you must know the security configuration of the device,
and how to sign an application with the appropriate certificate to allow the application to run (and to run with the
needed level of trust).
Application security controls the applications that can run on the MC65.
Trusted - All applications must be digitally signed by a certificate on the MC65.
Prompted - User is prompted to allow unsigned applications to run.
Open - All applications run.
Developers can include their own certificates and provision the device to "trusted."
Digital signatures provide a way to authenticate the author of EXEs, DLLs, and packages. Digitally signed
applications give users confidence that an application comes from where they think it comes from. For example, if
an end-user downloads an update package from the internet that is digitally signed with Motorola's software
certificate, they are assured that the package is authentic and that it was created by Motorola. By enforcing the use
of digital signatures, users can also prevent malicious applications from executing on the MC65. For example,
users can provision the MC65 to only execute "trusted" applications (digitally signed).
Motorola ships all Windows Mobile 6 based products in an "open" state, which means all signed and unsigned
applications should work. However, customers can still reconfigure their MC65 to operate in the "trusted" mode.