Re: Expiration of Developer ID Installer certificates
- Subject: Re: Expiration of Developer ID Installer certificates
- From: Carl Windus <email@hidden>
- Date: Fri, 04 Aug 2017 01:38:47 +0000
Signed packages work "well" in scenarios where an app is distributed
through the App Store. These apps are likely to be frequently updated, so
the issue of a certificate expiring is less of a problem than an app being
distributed outside of the App Store.
Signed apps/packages are another layer of "trust"; that is, trusting that a
bad actor hasn't maliciously compromised the app/package (ignoring that a
bad actor can still use an Apple Developer account to get a signing
certificate).
<trimmed for brevity>
> I'm also wondering why installers work this way in macOS in the first
> place... who's being protected by allowing installers to effectively
> expire? Why not have it work the same as applications and make the
> installers remain valid in perpetuity as long as the certificate used to
> sign them was valid at the time of signing?
>
> - Brian
--
Kind regards,
*Carl Windus | **IT Support Officer** (Project Manager)* | Dip IT
(Networking)