• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Code Signing
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Code Signing

  • Subject: Re: Code Signing
  • From: Bill Cheeseman <email@hidden>
  • Date: Thu, 11 Dec 2008 12:54:30 -0500
  • Thread-topic: Code Signing
on 2008-12-11 10:38 AM, John C. Welch at email@hidden wrote:

> If you want it signed, you sort of really want to do it via someone who has
> a well-known chain of trust. However, I've not seen a *requirement* that you
> use a well-known cert provider.

John, I'm not sure that's consistent with Apple's current purposing of the
code-signing mechanism. Apple's code-signing documentation indicates that
using a certificate you make yourself for free (using Keychain Access) is
perfectly acceptable. It's what I am doing myself with the next version of
my commercial products.

What follows is my understanding from recent reading. I don't guarantee that
I've got it exactly right.

An Apple code-signing engineer explained the idea behind code signing
recently on another Apple mailing list. As I understood him, it is meant
only to assure users that an upgrade to an application comes from the same
source as an earlier version installed on the machine. For that reason, Mac
OS X won't put up the same level of warning alerts when updating software
that is code-signed. So, if a user has had a good experience (i.e., a safe
experience) with the first version of an application, he/she can have
whatever confidence follows from knowing that the second version is from the
same source. Privately signed certificates are as good as certificates
signed by a commercial certificate-issuing company for this purpose, due to
the encryption/authentication mechanisms built into code-signing
certificates. Code signing reliably indicates that two certificates have the
same source, not that the source is safe.

I can see the case for relying on code signing for something more, such as
an assurance that the first version of an application is not from a hacker
masquerading as a legitimate developer. But that would only work if the
commercial certificate issuing companies undertook to investigate and
guarantee the bona fides of the developers to whom they issue certificates.
I haven't researched the topic, but I'm not aware that the certificate
issuing companies do that at this time.

Somebody please correct me if I've got any of that wrong.

--

Bill Cheeseman - email@hidden
Quechee Software, Quechee, Vermont, USA
www.quecheesoftware.com

PreFab Software - www.prefabsoftware.com


 _______________________________________________
Do not post admin requests to the list. They will be ignored.
AppleScript-Users mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
Archives: http://lists.apple.com/archives/applescript-users

This email sent to email@hidden
  • Follow-Ups:
    • Re: Code Signing
      • From: "John C. Welch" <email@hidden>
References: 
 >Re: Code Signing (From: "John C. Welch" <email@hidden>)

  • Prev by Date: Re: Comparing version strings
  • Next by Date: RE: Problem getting files by file type or extension
  • Previous by thread: Re: Code Signing
  • Next by thread: Re: Code Signing
  • Index(es):
    • Date
    • Thread