Code Signing on macOS #436
Comments
|
Hi. I understand that it's annoying to get warnings on macOS & Windows system. It's currently possible to verify the authenticity of the shared installation packages and more importantly the fact that those packages have been actually assembled from the shared code, via the hash sums which get printed to console by CI job, see #183 for details. This has to be verified manually though, at the moment. I will merge this issue with #219.
That would, unfortunately, be not just like a one-off money concern but also a maintenance burden increasing matter. Sort of thing that I'm not ready to be committed to at this time, as this project is not a product.
Not a product. Yes, there are security elements involved, but the overall focus is enhancing the user experience of using the proton service on the desktop. |
|
So, the thing is, this isn't just about actually validating the security — although that's an important step, as well (and I do not think one that a "roll-your-own" solution like hashes in CI output really satisfies!). Instead, it's a concern of user-experience, marketing, and accessibility: security isn't valuable if it's only available to experts; security must be designed for all comers. i.e.: No, "it's not a product" is not remotely a good enough excuse. Anyway, that said, I understand there are fundamental theoretical differences between how you and I approach security; and that's okay — I don't mean the above as a value-judgement against you yourself; and I also certainly and intimately understand WONTFIXes and out-of-scope as a fellow maintainer of OSS. I wish you all the best even if this particular Issue won't become resolved. Fly safe! o7 |
It has not been named as a solution, but a way, so more like a workaround since requires manual effort.
Clearly quite important things for the product.
I didn't think I was looking for an excuse but highlighting the fact. Although I admit I might be wrongly understood sometimes since English is not my first language (yes this is an excuse this time).
Thanks for understanding. I would also not judge someone's security approach just by some open-source, not a product-like project as this would look like a room for a better understanding of the nature of such kinds of projects. It's a given thing, keeping publicly maintaining of which requires striking the balance between the aspects of quite different matters. Anyway, thanks for raising the valid concern. I'm aware of it and I'm not ready to move forward with the process of resolving it. |
Hi. Is there any chance we could get the macOS releases code-signed? For a security-related product like this, it's super-important; even if it's cross-platform, and you don't really want to focus on macOSisms, it'd make a huge deal to all of us.
(If the Apple yearly fee is a concern, I'm happy to talk about some possible solutions to that; let me know and I'll drop some contact-info.)
The text was updated successfully, but these errors were encountered: