On 7 Mar 2010, at 8:12 pm, Dave Carlton wrote:

> I don't understand, what would be the point of a self-signed cert? And what
> happens when a cert expires down the road self-signed or not? I have not
> really looked at the subject so I may be showing my total ignorance.

A self-signed certificate doesn't verify that you are legit, nor even that you signed it. It does however verify that the same person signed it and that it hasn't been modified since it was signed. This means that if the user has marked a previous version of the application as valid, then a new version is valid. This gets rid of all the warnings when the user launches a new unsigned version, such as whether it can access the keychain, the warning that it was downloaded from the internet (and does the user want to continue).

Code signing is also used by the OS X firewall and the parental controls, as well as a few other things. It is more a security feature than anything on the Mac.

---------------------------------
Martin Pilkington
Writer of Weird Symbols
[email protected]
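
The continuity property described in the reply above, as an added example that is not part of the original message: a release is accepted only if it is unmodified and signed by the same self-signed key the user approved earlier. It uses `openssl` as an analogue rather than Apple's `codesign`; the identity names (`dev`, `impostor`), file names and file contents are constructed for the demonstration.

```shell
#!/bin/sh
# Analogue of self-signed code signing: no CA vouches for the signer,
# but the key approved for version 1.0 still proves who signed 2.0.
demo_dir=$(mktemp -d)

# make_identity NAME: create a self-signed certificate and private key.
make_identity() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 365 -subj "/CN=$1" \
    -keyout "$demo_dir/$1.key" -out "$demo_dir/$1.crt" 2>/dev/null
}

# sign_release NAME FILE: write a detached signature to FILE.sig.
sign_release() {
  openssl dgst -sha256 -sign "$demo_dir/$1.key" -out "$2.sig" "$2"
}

# pin_signer NAME: the user's one-time approval; remember the public key.
pin_signer() {
  openssl x509 -in "$demo_dir/$1.crt" -pubkey -noout > "$demo_dir/pinned.pub"
}

# verdict FILE: "accepted" only if FILE is unmodified and signed by the pinned key.
verdict() {
  if openssl dgst -sha256 -verify "$demo_dir/pinned.pub" \
       -signature "$1.sig" "$1" >/dev/null 2>&1
  then echo accepted; else echo rejected; fi
}

make_identity dev
make_identity impostor

# Constructed sample releases.
printf 'app 1.0\n' > "$demo_dir/app-1.0"; sign_release dev "$demo_dir/app-1.0"
pin_signer dev                       # user approves 1.0 once
printf 'app 2.0\n' > "$demo_dir/app-2.0"; sign_release dev "$demo_dir/app-2.0"

# Same signature, modified bytes.
cp "$demo_dir/app-2.0" "$demo_dir/app-2.0-tampered"
cp "$demo_dir/app-2.0.sig" "$demo_dir/app-2.0-tampered.sig"
printf 'extra\n' >> "$demo_dir/app-2.0-tampered"

# Same bytes, different self-signed identity.
cp "$demo_dir/app-2.0" "$demo_dir/app-2.0-impostor"
sign_release impostor "$demo_dir/app-2.0-impostor"

for f in app-1.0 app-2.0 app-2.0-tampered app-2.0-impostor; do
  printf '%s: %s\n' "$f" "$(verdict "$demo_dir/$f")"
done
```
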
