Dashboard > Garnet's Wiki > Home > The High Cost of Digital Code Signing Certificates To Give Away Free Applications > Code signing blogs and articles
  Garnet's Wiki Log In | Sign Up   View a printable version of the current page.  
 
Code signing blogs and articles
   
Google
 Browse Space
Added by Garnet R. Chaney, last edited by Garnet R. Chaney on Sep 03, 2008  (view change)
Labels: 

Code Signing Articles

  • Adobe is trying to jump start the process of developers getting certs by giving out 135 thawte code signing certs for Adobe Air (May 30, 2008) - http://www.flashcodersny.org/wordpress/?p=160
    • They are good for one year. After that, standard renewal rates apply.
    • Blog article of someone who received their Adobe AIR code signing cert through this offer - blogpost
      • It took two months for him to receive the cert! Thawte customer service is very slow and unresponsive! Garnet's note: That is typically what happens when there is an overpriced incumbent with no competition
  • http://www.tuaw.com/2008/03/11/rogue-amoeba-on-code-signing-iphone-sdk - Thoughts about code signing by Mike Ash
    • Apparently is going to be choosy about what gets signed - In regards to the issue of "porn", he notes that "...Apple is making moral judgements of the apps they sign." To me, it seems like Apple chose the safe option and just categorically denied materials that could sully their reputation
  • http://www.rogueamoeba.com/utm/2008/03/07/code-signing-and-you/ - Code Signing and You
    • Code signing is gradually but deeply changing the nature of the platforms we work on.
    • Signing your code is not elective for Leopard. You are expected to do this, and your code will increasingly be forced into legacy paths as the system moves towards an "all signed" environment. You may choose to interpret our transitional aids as evidence that we're not really serious. That is your decision. I do not advise it. - source
    • In order to achieve the nirvana of only running valid code, the system must completely refuse to run unsigned code.
    • iPhone makes it even tighter - Phones will only run apps signed by Apple. It also applies [FairPlay] to the package. - Deric Horn twitter message
      • Apple charges $99 to enroll, and then you get a cert that only signs apps to run on your own phone, or others provisioned with that cert.
      • Jobs has said that these kinds of apps will not get signed: Illegal, malicious, unforeseen, privacy, porn, bandwidth hog
        • I can only assume that they will be applying the legal standards of California, USA to all apps, even if the developer is in Lithuania and the user is in Italy.
        • According to comments: for instance, Apple has said they'll block [VoIP] over EDGE.
    • Code signing itself is a neutral technology, but it gives incredible power to the system vendor, and that power is just waiting to be exercised and abused.
    • Every smartphone platform in existence to date has permitted unsigned applications, and nobody's phones have crashed due to them. No networks have been destroyed by [VoIP] over EDGE or EV-DO.
    • I shouldn't have to pay Apple $100 for the privilege of running my apps on my phone.
Powered by Atlassian Confluence, the Enterprise Wiki. (Version: 2.4.3 Build:#705 Mar 21, 2007) - Bug/feature request - Contact Administrators
Complete Wiki Notation Guide