hi, my "spec": 1. has the (meta-)package been signed by any existing identity 2. additionally: is the identity valid (= signed by a known authority)? thanks in advance! best, dennis _______________________________________________ Do not post admin requests to the list. They will be ignored. Installer-dev mailing list (Installer-dev@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/installer-dev/site_archiver%40lists.... This email sent to site_archiver@lists.apple.com i'm wondering if it is possible to determine whether a flat (meta-)package is properly productsigned or not. the "productsign" command itself does not seem to offer this feature and allows overwriting an existing signature without throwing errors. how do you deal with this? am i missing something?