incubator-ooo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rony G. Flatscher (Apache)" <r...@apache.org>
Subject Re: Developer ID for digitally signing Apple OSX releases?
Date Wed, 01 Aug 2012 09:13:25 GMT

On 01.08.2012 06:08, J├╝rgen Schmidt wrote:
> Am Mittwoch, 1. August 2012 um 02:41 schrieb Rob Weir:
>> On Tue, Jul 31, 2012 at 7:23 PM, Keith N. McKenna
>> <keith.mckenna@comcast.net> wrote:
>>> With the release of OSX Mountain Lion and its new Gatekeeper feature I
>>> wanted to ask if any thought had been given by the community of applying to
>>> Apple for a Developer ID. My limited understanding is that by signing the
>>> installation files with the Developer ID it automatically unlocks the
>>> gatekeeper and allows the application to run. Otherwise there is a short
>>> process that one must go through to change the security settings for the
>>> application allowing it to open.
>>>
>>
>> We'd like to do code signing, not only for Mac but for Windows as
>> well. Signed installers are the new normal and are expected by
>> browser, anti-virus scanners and increasingly by operating systems.
>>
>> Although we have volunteers willing to do the build integration work,
>> and funds available for acquiring certificates, we've been told that
>> individual Apache projects may not do their own signing. The Apache
>> Infrastructure team is trying to figure out some way that this can be
>> done centrally. But no estimate for when this will happen.
>>
> exactly and at the moment we can only wait, I have no idea how we can help further at
the moment. Any ideas are welcome.
>
> In the meantime we should add a note about the new Gatekeeper of Mountain Lion. It's
a one time ctrl-click or opening via the context menu. After that you can run it as normal
without any further dialog from the system.
> I tried it out and forget to take screenshot to document it.
>From another opensource project: they are contemplating of using a digital key service
which would
enable them to sign their code for Linux, MacOSX and Windows, http://codesigning.ksoftware.net/..
Maybe infra is attempting to do somehting like them, otherwise they could check them out (or
other
such services).

---rony





Mime
View raw message