Nokia - help us help you

[sambo1972]

Dear Nokia,

We're all really excited about Ovi, but this signing is an ongoing issue with Java ME. As the world's leader you've given us tools to play with and a market to target. For that we're grateful - however.

As you know, the operators worldwide have done their level best to control Java ME with draconian security policies on their branded handsets and severely restricted ISVs as a consequence. Under the guise of maintaining subscriber safety it's a direct revenue pipeline for them - so you pay to join their developer program (and each one is different with another fee) so you can get your app signed into their custom protection domain.

Just so that then, in theory, you can use JSR-75 to open a simple text file without 18 prompts.

Imagine buying a PC and having your ISP decide what applications you can install on it and what they're allowed to do. Or you write an application that uses Notepad but have to get it signed by Microsoft before you can use it - even if it's just for your own amusement.

The only reason they've got away with this over the last 10 years is that the general public isn't aware that this is happening. It's absurd.

For God's sake Nokia - you're big enough to set the rules here! Let us sign into the manufacturer's protection domain (or some useful new one) and let's put this rubbish behind us!

This is a real (and maybe final) chance for you to un-f&%#k the Java ME signing industry and keep the operators out of the process. We're all keen to sell directly to the consumer and I for one am happy with 70% rev share if it means that I don't have to bend over and touch my toes for telcos.

So given this statement:

"Java and Symbian applications must be signed appropriately, no signing related warning messages are allowed at any circumstances"

We'll need some help to make Ovi a success in the Java ME space.

Symbian apps are no problem because the telcos can't control Symbian Signed (thank the Lord).

But when it comes to Java ME access rights, you, Nokia, need to help us - the people out here trying to explain this joke to non-technical clients and customers, overcome stupid API policies on branded handsets such as AT&T (http://wiki.forum.nokia.com/index.ph...cess_rights_v3).

If nothing else we'll need to access IMEI and/or IMSI info for licensing. I know we can do this in the manufacturer's domain - so how about a tutorial/walkthrough on the Ovi homepage for getting that working via Java Verified? At least make it clear that almost every operator will shutdown API access on branded handsets so that the developer market for Ovi doesn't get stung this time around.

If the telcos don't want to play (and they won't) then eventually less people will get caught with branded handsets in the future. I know I'm helping spread the word on that here in Oz.

Either way, let's sort this out hey? It'd be unbelievable to see Ovi have the same success as the Apple app store and we want to help.

Thanks

Sam

[sambo1972]

Oh - I meant to add one more thing for the benefit of those who read this (and forgive me if you already know this):

If you read this on the Wiki:

http://wiki.forum.nokia.com/index.ph...ng_for_dummies

You'll see that you can sign a MIDlet with Verisign and Thawte certs too - BUT that's different from Java Verified which signs your binary against the Unified Testing Initiative (UTI) cert event though they install to the same protection domain.

It's not only an Ovi requirement - some manufacturers don't even allow the use of Verisign or Thawte certs for the purposes of MIDlet signing (see https://support.developer.motorola.c...70297506&p_sp=)

So don't go off happily signing your MIDlet on your own or it'll end in tears.

Read this:

http://wiki.forum.nokia.com/index.php/Java_Verified

and go from there.

Sam

[cozmin]

I'm afraid if Nokia can't (or don't want) to push the operators to change the rules, the J2ME world will be less and less attractive in the future for small developers and eventually they start to migrate to other platforms (Android, iPhone) where the rules are more relaxed. I think it isn't very difficult to make an automatic testing platform and assign certificates (or reject the application if something it's wrong with it), but you have to have the will to do so.

[TAIT CREATion]

I'm afraid if Nokia can't (or don't want) to push the operators to change the rules, the J2ME world will be less and less attractive in the future for small developers and eventually they start to migrate to other platforms (Android, iPhone) where the rules are more relaxed. I think it isn't very difficult to make an automatic testing platform and assign certificates (or reject the application if something it's wrong with it), but you have to have the will to do so.

I know of two companies that are moving to develop for iPhone for this reason as I understand it. I myself work exclusively in Flash and Flashlite and distribute through a 3rd party so have no direct opinion but have to say I agree with the principle. I plan to submit content in my own right soon and therefore I am just trying to work out what issues with signing I need to understand - I will ask that question in another thread however.

[allanmac]

Nokia, I assume you understand that requiring JavaVerified is going to seriously limit the number of Java submissions.

JavaVerified is an expensive process. How will signed Java applications realistically break even? Odds are they won't.

How is Nokia going to help developers succeed?

-Allan

[alanrichey]

Nokia, I assume you understand that requiring JavaVerified is going to seriously limit the number of Java submissions. JavaVerified is an expensive process. How will signed Java applications realistically break even? Odds are they won't.

How is Nokia going to help developers succeed?

-Allan

Actually the same applies to Symbian submissions. As a one man 'hobbyist' programmer I have been writing applications for Symbian (and before that Psion) platforms since 1994 and in a small way I was quite successful, that was until 'Symbian Signed' arrived. That system is much too expensive for people like me without the backing of a large company, and now I appear to be being frozen out of Ovi as well. Nokia Supermarket generously gave me a waiver on Symbian signed when I uploaded my content to them, and we have had no problems since then, but I guess from the statements we are seeing on this board that Ovi are not going to be as flexible.

I guess I will have to give up on Nokia and concentrate my time on Windows Mobile, which has a much less draconian approach to third-party applications.

A pity after nearly 15 years, but apparently past performance and supporting Nokia by helping them sell more phones counts for nothing.

Al Richey
RMR Software