This seems pretty basic but I can't find the info I'm looking for anywhere, particularly with regard to Android apps.

I am creating my release key (self-signed) and I am asked for lots of info:

First and Last Name: (OK; not likely to change)

(OK; not likely to change) Organizational Unit: (Is this one's "business name"?)

(Is this one's "business name"?) Organization: (How's this different from the "Unit" above?)

(How's this different from the "Unit" above?) City or Locality: (This may change...)

(This may change...) State or Province: (Also may change...)

(Also may change...) Country Code (XX): (OK; not likely to change)

With that in mind, I've got two basic questions about self-signed certificates used to distribute Android apps:

On creation, can I leave any of these fields EMPTY, particularly the ones that are likely to change? Or is that forbidden? (The big question.) What if I want to change a given field later? Does that mean creating a new key and having everyone reinstall the app to ever upgrade again, even if I have the original key? (Seems to be the case, judging by what little I have found.)

Thanks in advance!

Edit: More info on #1 above: if this is anything like SSL certs, then the Name, Organization and Country should be sufficient. But IS that the case? Pros and cons of leaving any/all the other fields blank? I can't be the only one who's wondered about this in terms of apps... and the Android docs I've read so far aren't helping clarify this.

For #2, it appears that changing the certificate means regenerating it, and signing with that new cert doesn't avoid the Market problem (it's like a whole new app, even if you sign with both the new AND old certs). So it's all the more important to get it right (yet sufficiently generic in case you move) the first time you sign the app.