I have written several Android apps and deployed them to my G1 using a self-signed cert. What I don't understand is how that cert is bound to a) the app and b) me once created. For example, if I then want to take my app further and share my code with other developers, they need to use it to deploy to their g1's. But they will have their own certs - so why can't they user them? And which do we use when publishing to the marketplace?

Suppose further there is a serious problem with the app and Google reverts the cert. I don't necessarily mean a malicious one on my part, perhaps a flaw in Android itself is discovered which the app unwittingly is able to exploit. If Google revokes the cert is that app dead for ever or just that version? What about earlier versions? Once published with one cert, can a future version be published with another?