incubator-ooo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rony G. Flatscher (Apache)" <>
Subject Re: Developer ID for digitally signing Apple OSX releases?
Date Wed, 01 Aug 2012 09:13:25 GMT

On 01.08.2012 06:08, J├╝rgen Schmidt wrote:
> Am Mittwoch, 1. August 2012 um 02:41 schrieb Rob Weir:
>> On Tue, Jul 31, 2012 at 7:23 PM, Keith N. McKenna
>> <> wrote:
>>> With the release of OSX Mountain Lion and its new Gatekeeper feature I
>>> wanted to ask if any thought had been given by the community of applying to
>>> Apple for a Developer ID. My limited understanding is that by signing the
>>> installation files with the Developer ID it automatically unlocks the
>>> gatekeeper and allows the application to run. Otherwise there is a short
>>> process that one must go through to change the security settings for the
>>> application allowing it to open.
>> We'd like to do code signing, not only for Mac but for Windows as
>> well. Signed installers are the new normal and are expected by
>> browser, anti-virus scanners and increasingly by operating systems.
>> Although we have volunteers willing to do the build integration work,
>> and funds available for acquiring certificates, we've been told that
>> individual Apache projects may not do their own signing. The Apache
>> Infrastructure team is trying to figure out some way that this can be
>> done centrally. But no estimate for when this will happen.
> exactly and at the moment we can only wait, I have no idea how we can help further at
the moment. Any ideas are welcome.
> In the meantime we should add a note about the new Gatekeeper of Mountain Lion. It's
a one time ctrl-click or opening via the context menu. After that you can run it as normal
without any further dialog from the system.
> I tried it out and forget to take screenshot to document it.
>From another opensource project: they are contemplating of using a digital key service
which would
enable them to sign their code for Linux, MacOSX and Windows,
Maybe infra is attempting to do somehting like them, otherwise they could check them out (or
such services).


View raw message