Re: Code Signing Key Revocation Procedure?
Re: Code Signing Key Revocation Procedure?
- Subject: Re: Code Signing Key Revocation Procedure?
- From: Jeffrey Walton <email@hidden>
- Date: Tue, 22 Oct 2013 21:16:16 -0400
On Tue, Oct 22, 2013 at 8:58 PM, Shane Stanley
<email@hidden> wrote:
> On 23 Oct 2013, at 11:48 AM, Jeffrey Walton <email@hidden> wrote:
>
>> Yes, I'm in both programs and the email specifically discussed my app:
>> "Users who have already purchased your Mac app..."
>
> But it doesn't actually name any app. It's just bad wording, as Sean said.
>
>> Its pretty clear to me there's an app out there with my name on it
>> (ergo, signed by my key).
>
> I suggest you take a deep breath and look at it again.
Well, the problem is the legal surrounding these things. If there's
going to be an error, I think it should be on the side of caution.
My liability ends once I report it to Apple, and Apple's liability
ends once the certificates are listed on the CRL (or made available to
an OCSP responder).
Actually, I'm probably f**k'd either way. Apple's Terms of Use is
toxic, and I believe they inserted clauses so I take on their
liability and have to defend them (even when they or their partners
are negligent or grossly negligent). So that's even more reason to get
these certificates revoked immediately.
Jeff
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Xcode-users mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden