Here's another thought:
why don't we just all use one
In the Amazon ecosystem, one certificate per developer makes sense: this way, both the developer, and Amazon, can control who is allowed to execute the software.
In a "hacking community", one certificate per developer makes no sense at all: it only hinders distribution of the software, because (potential) users probably don't have the certificate installed.
Just like we all use one single jailbreak certificate recognized by all devices (I'm speaking for the Kindle Touch here, but I assume that the logic is very similar for other devices), why don't we all use the same signer certificate for Kindlets?
- individual signatures only make sense if you want to individually control the distribution of your applications, to make sure that people who didn't pay don't get to execute your application on your device
- this entire forum is about freely providing applications for anyone who is interested, and in fact the "distributors" *want* their code to be freely available.
- there are multiple commonly known identities which are widely known.
- I personally use the "test" identity for signing my applications, so that they can be run on a wide variety of devices with no further hassles. Everybody can sign their applications using that key, just like everyone can sign their firmware updates using the well-known jailbreak keys.
If the goal is to have a wide distribution of our applications despite
DRM, then why should we create more and more identities, instead of just using a single, well-known, identity that we can all use?
I vouch for the "test" key
. Every currently known application (to me) could have been signed using that identity, and it would work on all devices.