Sam at Javablog certainly has a very valid point.
Versign certificates for MIDP are not available on all phones.
When available, they usually make your MIDlet belong to “trusted third-party” security domains.
Currently, there are usually 2 security domains with better access to permissions: “operator” and “manufacturer”.
Obtaining your application, signed by the mobile network operator, is obviously useful only when you want to deploy it on a phone subsidized by this operator.
In fairness, operators will sometimes sign MIDlets with certificates that will work on phones sold in several countries.
I do not think that the operators are so strong that the certificates of the phone manufacturers were never included in the actual phones sold to the public.
If you plan to widely deploy your MIDlet, it is clear that receiving it is signed by only one device manufacturer, this is not so important.
Signatures with a strategy usually go hand in hand with the choice of which market to focus on.
For a small managed deployment, authentication may be sufficient, especially if your application does not do anything too sensitive.
To appeal to the entire world market, you will need to deploy many different versions of your application, each of which will be signed in accordance with the target phone. In this case, you will need at least a relationship with several MNOs, and relationships with manufacturers will also not hurt.
The signature problem is just one of the obstacles to fragmenting the large-scale development of MIDP, but it cannot be solved only with technical solutions.