• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Code Signing
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Code Signing

  • Subject: Re: Code Signing
  • From: Bill Cheeseman <email@hidden>
  • Date: Thu, 11 Dec 2008 14:21:21 -0500
  • Thread-topic: Code Signing
on 2008-12-11 1:22 PM, John C. Welch at email@hidden wrote:

>> Somebody please correct me if I've got any of that wrong.
>
> Nope, you're pretty much spot on, technically. I just hate the OMG aspect of
> self-signed certs.

I left out another, perhaps more important, purpose of code signing as
currently implemented by Apple. You can query the certificate in a
code-signed app and learn whether the app has been altered since it was
certified. I've forgotten whether you have to use Terminal to do this, or
the system puts up an alert all by itself. And I've forgotten whether you
must do something more to make sure the certificate of an apparently good
app is the same as the certificate provided by the original developer.

My understanding is that code signing hasn't really come to full fruition
yet. Apple encourages developers to start code signing their apps now,
because in a future version of Mac OS X non-code signed apps will cause more
nuisances for users than is currently the case. And, presumably, code signed
apps will provide even greater security than they do now. I have code-signed
pre-release versions of my products to see how hard it is, and I found that
it is exceptionally easy to do.

As to the OMG aspect of self-signed certificates, I'm not willing to pay
hundreds of dollars for a big-name commercial certificate just to calm the
ignorant. As code signing becomes more important in future versions of Mac
OS X, I'm sure Apple will get the word out through it's usual information
channels.

--

Bill Cheeseman - email@hidden
Quechee Software, Quechee, Vermont, USA
www.quecheesoftware.com

PreFab Software - www.prefabsoftware.com


 _______________________________________________
Do not post admin requests to the list. They will be ignored.
AppleScript-Users mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
Archives: http://lists.apple.com/archives/applescript-users

This email sent to email@hidden
  • Follow-Ups:
    • Re: Code Signing
      • From: "John C. Welch" <email@hidden>
References: 
 >Re: Code Signing (From: "John C. Welch" <email@hidden>)

  • Prev by Date: Re: Code Signing
  • Next by Date: Re: Comparing version strings
  • Previous by thread: Re: Code Signing
  • Next by thread: Re: Code Signing
  • Index(es):
    • Date
    • Thread