fixup! fixup! Add notarization support

README.md

@@ -235,6 +235,7 @@ See the **SIGNED PACKAGES** section of the man page for `pkgbuild` or the **SIGN
 
 - Please read the [Customizing the Notarization Workflow](https://developer.apple.com/documentation/security/notarizing_your_app_before_distribution/customizing_the_notarization_workflow) web page before you start notarizing your packages.
 - Xcode 10 (or newer) is **required**.  If you have more than one version of Xcode installed on your Mac, be sure to use the xcode-select utility to choose the appropriate version: `sudo xcode-select -s /path/to/Xcode10.app`.
+- Unproxied network access to the Apple infrastruture (Usually `17.0.0.0/8` network) is required.
 - Notarization tool tries to notarize not only the package but also the package payload. All code in the payload (including but not limited to app bundles, frameworks, kernel extensions) needs to be properly signed with the hardened runtime restrictions in order to be notarized. Please read Apple Developer documentation for more information.
 
 You may notarize **SIGNED PACKAGES** as part of the build process by adding a `notarization_info` dictionary to the build\_info.plist:
@@ -274,6 +275,10 @@ Keys/values of the `notarization_info` dictionary:
 | primary_bundle_id | String  | No       | Defaults to `identifier`. `primary_bundle_id` is usefull when `identifier` contains characters such as '_' Apple notary service does not like |
 | staple_timeout    | Integer | No       | See paragraph bellow |
 
+**About accessing password in keychain**
+If you configure `munki-pkg` to use the password from the login keychain user is going to be prompted to allow access to the password.
+You can authorized this once clicking *Allow* or permenently cliking *Always Allow*.
+
 **About stapling**
 
 `munki-pkg` basically does following: