Tizen application packages must be signed with 2 signatures—author and distributor—based on the W3C recommendations for XML digital signatures for widgets:
An author signature determines the integrity of an application package as intended by the developer and confirms that all applications that are signed with same author certificate are trustworthy. The author certificate, which is used for signing an author signature, must be attached with the Tizen Developer Certificate Authority certificate and generated with the shell or command line tool in the SDK.
A distributor signature is generated by an application publisher, such as the Tizen Store, to confirm that the publisher has distributed the application package and to prove the integrity of application package. The Tizen distributor signature determines the privilege levels granted for a particular application. Each privilege level is bound to an individual certificate for the distributor signature. For example, if an application is signed with the public level certificate for the distributor signature, the application must be limited only to public level privileges.