Well, in regards to the file - it is for Debug Systems only, and uses a different key, we have already looked into that.
Furthermore, we can change files on the flash, HOWEVER the certificates are stored inside an encrypted filesystem, which is stored like a file on the flash, so we can not (yet) alter contents inside of it.
In regards to the SELF, the basis for retail SELF's is a SCE header with certain flags, an ELF header with flags, some hashes of encrypted data, then the encrypted data, followed by relocated ELF data at the bottom, which is mostly tables to tell where data is stored inside the decrypted ELF. No, we can not run a SELF inside otheros.
As for any unencrypted self, its a development self.