On 29.11.18 23:25, Fred Wright wrote: > In the particular case of code signing, would it be possible to do that > in the post-destroot phase, so that the signature would remain across > activations and deactivations, or does the signature mechanism defend > against that (even though a verbatim copy of signed code should still be > signed)?
No, it cannot be done in the destroot, as that are the files that will be put into an archive for redistribution. Whatever signing identity you are using might not be valid everywhere. We had a lengthy thread about code signing quite a while ago with a few different proposals: https://lists.macports.org/pipermail/macports-dev/2016-September/033518.html Rainer
