[Haskell-cafe] Haskell development in Mac OS X after Gatekeeper

Manuel M T Chakravarty chak at cse.unsw.edu.au
Tue Feb 21 09:48:12 CET 2012

Austin Seipp:
> The only two things not clear at this point, at least to me, are:
> 1) Will Apple require the paid development program, as opposed to the
> free one, if you only want to self-sign applications with a cert they
> trust?

You can self-sign applications with a certificate that you get with a free developer ID.

Cf. http://daringfireball.net/2012/02/mountain_lion
>> Apple is calling it “Gatekeeper”. It’s a system whereby developers can sign up for free-of-charge Apple developer IDs which they can then use to cryptographically sign their applications. If an app is found to be malware, Apple can revoke that developer’s certificate, rendering the app (along with any others from the same developer) inert on any Mac where it’s been installed. In effect, it offers all the security benefits of the App Store, except for the process of approving apps by Apple.

> 2) What will the default Gatekeeper setting in Mountain Lion be?

The default is the "middle option" — i.e., AppStore and self-signed apps run.

From the same source,
>> The default for this setting is, I say, exactly right: the one in the middle, disallowing only unsigned apps. This default setting benefits users by increasing practical security, and also benefits developers, preserving the freedom to ship whatever software they want for the Mac, with no approval process.

> In an ideal world, you won't require the paid dev ID (I
> don't know the expense of giving out certs however,) and the default
> setting would be App store + Dev signed.

It is an ideal world :)


More information about the Haskell-Cafe mailing list