Code-sign the application for improved keychain integration

[GoogleCodeExporter]

Telephone should be code-signed, in order for updates not to have to ask for 
permission to access 
the keychain entries.

More info here:
http://developer.apple.com/mac/library/documentation/Security/Conceptual/CodeSig
ningGuide/

Original issue reported on code.google.com by frederik...@gmail.com on 30 May 2010 at 12:17

[GoogleCodeExporter]

Yes, it would be great! Is there a way to obtain such signing identity from a 
certificate authority for free?

Original comment by eofs...@gmail.com on 30 May 2010 at 12:20

[GoogleCodeExporter]

You can create your own signing identity: "... if the only reason you need a 
certificate is for a signing identity to 
use with Mac OS X, you can create your own identity by using the Certificate 
Assistant, which is provided as part 
of the Keychain Access application."

http://developer.apple.com/mac/library/documentation/Security/Conceptual/CodeSig
ningGuide/Procedures/Pr
ocedures.html#//apple_ref/doc/uid/TP40005929-CH4-SW1

Original comment by frederik...@gmail.com on 30 May 2010 at 12:25

[GoogleCodeExporter]

Wouldn’t it be the same as when you’re using self-signed certificate on the 
site? The user doesn’t have that 
certificate authority on her computer and receives a warning.

Original comment by eofs...@gmail.com on 30 May 2010 at 12:30

[GoogleCodeExporter]

The signed apps are not verified with a CA. The signing is just used to make 
sure that two versions of an app are 
indeed by the same author, and can therefore access the same keychain entries. 
That’s why you don’t need a 
known CA.

Original comment by frederik...@gmail.com on 30 May 2010 at 12:38

[GoogleCodeExporter]

Great news, thanks! Always thought you need a CA for this.

Original comment by eofs...@gmail.com on 30 May 2010 at 12:43

• Changed state: Accepted
• Added labels: Usability