Apps supplied through the App Store aren’t signed by their developer, but by Apple. Many now have certificates that have expired. When will they stop running?
certificates
A developer signed an installer package in April 2017 and it’s still valid, but Apple signed a Catalina installer app in December 2019 and its certificate has now expired. This article explains why.
An overview of code signing and certificate requirements to come when macOS 27 is released in a few months, supporting only Apple silicon Macs. How Intel Macs will be affected in the near future.
Certificates in an installer must be valid when the installer is run. Six years ago, all Apple’s ran out, and it had provide new versions. How to cope with that.
From its introduction in Leopard in 2006, some were predicting no good would come of it. From 2012 it became important with Gatekeeper, then came notarization in 2018.
We want confidence that all executable code is exactly as was built by its developer, and if any is found to be malicious, we want macOS to be able to block its launch.
How is it going to be harder to run apps that haven’t been notarized in Sequoia, and does it bring any benefit in return for the inconvenience?
Differences between file-based keychains including the login keychain, and Data Protection keychain. How the Passwords app in Sequoia caters for the latter.
iCloud Keychain is apparently the way ahead, but even Apple has a great deal more work to do before that’s feasible. A look at what’s needed.
macOS has two types of keychain, and its tools for working with them, Keychain Access and the command tool security, only work fully with one type.
The Eclectic Light Company 