Lists

Open Menu Close Menu

Terms and Conditions
Lists hosted on this site
Email the Postmaster
Tips for posting to public mailing lists

Signed Package Validation

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Signed Package Validation

Subject: Signed Package Validation
From: Darmawan <email@hidden>
Date: Fri, 7 May 2010 07:27:09 -0500

Hi all,

I have two following questions :

1. Can you all confirm that Leopard doesn't validate the signature of the

signed *.pkg installer at all, while Snow Leopard does validate it and

it's going to even fail the installation process, if the signature is invalid

or untrusted ?

2. Can you all confirm also that the way Snow Leopard validate the date

validity of the signed *.pkg installer is by comparing the date of the

execution against the expiry date of the certificate ?

If this is confirmed, then do you all agree that it's the wrong way to

perform such validation ? In Windows installer validation, I believed

this is checked between the date when the installer is signed against

the expiry date of the certificate ?!

Thanks.

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Installer-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden

Next by Date: Environment variable availability within post-install script
Next by thread: Environment variable availability within post-install script
Index(es):
- Date
- Thread