I work on a Windows/Mac cross platform application that is sometimes downloaded from web sites. It is sometimes re-branded by and sold by third parties.
I’m the ‘windows guy’, my Mac counterpart is on vacation.
I’m getting some questions from a customers about what the Mac user experience will be if we sign the Mac installer with an Apple Developer certificate in our build system with our company name. For some reason this customer doesn’t want to sign the app themselves, but doesn’t want our company name to pop up in front of the user.
Assuming the user’s OS 10.8 Gatekeeper is set to allow downloads from both the Apple App Store and from ‘identified developers’, does the user see any warning dialog that provides certificate information similar to he Windows User Access Control prompts?
In my tests it looks like internet downloaded Apple signed apps are just trusted by OS10.8, and will run without anything resembling a Windows UAC prompt. The user experience seems to be:
1) Download application from internet signed by an ‘Apple identified developer’.
2) Click the application on web browser download list or using finder.
3) Application installer runs with no warning or caution dialogs.
Is this correct?
Also, is there some way on OS10.8 for the user to view in human readable form the ‘identified developer’ certificate information of a signed file?
1
To your first question:
The user experience seems to be:
1) Download application from internet signed by an ‘Apple identified
developer’.2) Click the application on web browser download list or using finder.
3) Application installer runs with no warning or caution dialogs.
Is this correct?
Yes. That seems about right –provided you are registered with Apple and your developer ID has been approved for signing “trusted” applications. For more details on the user experience please refer to this guide. If you are not registered with Apple, then your users will get a warning (if they have not disabled GateKeeper) saying that the application is not verified and poses a risk to the system etc… (examples on the guide page I cited).
Edit: Also note that this experience would be for the defaults Apple ships with OS X 10.8 (as of today). It is possible for people/corporations to design their custom signature policies (e.g., only allow code from my own AppStore). For more details please see this document.
Now for your second question,
Also, is there some way on OS10.8 for the user to view in human
readable form the ‘identified developer’ certificate information of a
signed file?
To view the sign information please use the codesign
tool. Example,
monstertruck monstertruck $ cd /Applications/iTunes.app/Contents/MacOS
monstertruck /Applications/iTunes.app/Contents/MacOS $ codesign --display --verbose iTunes
Executable=/Applications/iTunes.app/Contents/MacOS/iTunes
Identifier=com.apple.iTunes
Format=bundle with Mach-O universal (i386 x86_64)
CodeDirectory v=20100 size=101125 flags=0x0(none) hashes=5048+5 location=embedded
Signature size=4064
Info.plist entries=36
Sealed Resources rules=13 files=348
Internal requirements count=1 size=184
More details on how to sign code and view code signatures can be found here.
1