incubator-ooo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rob Weir <robw...@apache.org>
Subject Re: Developer ID for digitally signing Apple OSX releases?
Date Wed, 01 Aug 2012 17:22:10 GMT
On Wed, Aug 1, 2012 at 1:05 PM, drew <drew@baseanswers.com> wrote:
> On Wed, 2012-08-01 at 06:08 +0200, J├╝rgen Schmidt wrote:
>> Am Mittwoch, 1. August 2012 um 02:41 schrieb Rob Weir:
>> > On Tue, Jul 31, 2012 at 7:23 PM, Keith N. McKenna
>> > <keith.mckenna@comcast.net> wrote:
>> > > With the release of OSX Mountain Lion and its new Gatekeeper feature I
>> > > wanted to ask if any thought had been given by the community of applying
to
>> > > Apple for a Developer ID. My limited understanding is that by signing the
>> > > installation files with the Developer ID it automatically unlocks the
>> > > gatekeeper and allows the application to run. Otherwise there is a short
>> > > process that one must go through to change the security settings for the
>> > > application allowing it to open.
>> > >
>> >
>> >
>> > We'd like to do code signing, not only for Mac but for Windows as
>> > well. Signed installers are the new normal and are expected by
>> > browser, anti-virus scanners and increasingly by operating systems.
>> >
>> > Although we have volunteers willing to do the build integration work,
>> > and funds available for acquiring certificates, we've been told that
>> > individual Apache projects may not do their own signing. The Apache
>> > Infrastructure team is trying to figure out some way that this can be
>> > done centrally. But no estimate for when this will happen.
>> >
>> exactly and at the moment we can only wait, I have no idea how we can help further
at the moment. Any ideas are welcome.
>>
>> In the meantime we should add a note about the new Gatekeeper of Mountain Lion. It's
a one time ctrl-click or opening via the context menu. After that you can run it as normal
without any further dialog from the system.
>> I tried it out and forget to take screenshot to document it.
>>
>> Juergen
>
> Hi,
>
> Installed the latest 3.4.1 build, as administrator, under Vista
> yesterday and started a few checks.
>
> Ran into this:
> http://lo-portal.us/aoo/temp/send-doc-warning.png
>
> I'm not totally sure on this but I assume that when the install files
> are signed it would take this away also - yes?
>

"Reputation" is based on several factors, generally proprietary to
each AV vendor.  Signing (or lack of it) can be one factor.  Another
one is how new the program is, and how many other users have already
installed it.  We generally get over this issue within a few days of
release, after we get a few 100 thousand users.

-Rob

> Thanks,
>
> //drew
>
>> >
>> > Regards,
>> >
>> > -Rob
>> >
>> > > Based on a question in the user mailing list I am adding a link to the
>> > > Release Notes in the known problems section on how to make the required
>> > > change.
>> > >
>> > > Regards
>> > > Keith
>> > >
>> >
>> >
>> >
>>
>>
>
>

Mime
View raw message