Device implementations MUST install and run Android “.apk” files as generated by the “aapt” tool included in the official Android SDK. For this reason device implementations SHOULD use the reference implementation’s package management system.
The package manager MUST support verifying “.apk” files using the APK Signature Scheme v2 and JAR signing.
Devices implementations MUST NOT extend either the .apk, Android Manifest, Dalvik bytecode, or RenderScript bytecode formats in such a way that would prevent those files from installing and running correctly on other compatible devices.
Device implementations MUST NOT allow apps other than the current “installer of record” for the package to silently uninstall the app without any prompt, as documented in the SDK for the DELETE_PACKAGE permission. The only exceptions are the system package verifier app handling PACKAGE_NEEDS_VERIFICATION intent and the storage manager app handling ACTION_MANAGE_STORAGE intent.