*  Coffee louipc 
 

You can follow the conversation on MicroG by going back to Nov 24 7:37PM starting with STRCAT's post

As  I understand it  

MicroG for GOS will be a separate app, built by GOS.  

It will not be bundled into GOS, but will be an optional app to be installed.  

It will have no special privileges.  

There will be no whitelisting etc which which would break the AOSP security model by bypassing signature checks.

It will not have  geocoding/location provider function.  That will be handled with standard generic AOSP APIs if needed (see strcat comments in string)

The OS Package Manager will still follow the ASOP security model sig checks.  

The only special thing it will do is appear to signed by Google Play Services.  It will spoof one of their keys. 

 But all apk will still follow the standard. AOSP implemented id /key sig checks.  GOS built MicroG will only pass (spoof) the google key to the apk to satisfy that check for those apks.

That is how I interpreted STRCAT   statements.  I might have gotten something wrong hence why its best to go read for yourself.