tag:blogger.com,1999:blog-4238494280010469357.post2308180060031777714..comments2008-02-14T09:21:09.392+13:00OneSadCookiehttp://www.blogger.com/profile/04354982399760362605noreply@blogger.comBlogger3125tag:blogger.com,1999:blog-4238494280010469357.post-35998410423863613512008-02-14T09:21:00.000+13:002008-02-14T09:21:00.000+13:00Checking on keychain access is all well and good, but my keychain data is not the only important data on my system. Why not verify at launch to provide the extra security?<BR/><BR/>I'm not thinking of the quarantine dialog, I'd want the signature to be checked at each launch to be sure the app I'm running is the app I think I am.OneSadCookiehttp://www.blogger.com/profile/04354982399760362605noreply@blogger.comtag:blogger.com,1999:blog-4238494280010469357.post-33492144409598690572008-02-13T17:47:00.000+13:002008-02-13T17:47:00.000+13:00More generally, the application's identity will no longer be valid. Anything that checks the identity status of the application will fail.<BR/><BR/>The dialog that appears when you first launch a new application is something different (it's the quarantine API that's part of Launch Services).Jean-François Royhttp://www.blogger.com/profile/16686662307109968877noreply@blogger.comtag:blogger.com,1999:blog-4238494280010469357.post-63366491599070588942008-02-13T09:56:00.000+13:002008-02-13T09:56:00.000+13:00The point is that it will check the app’s signature if it tries to get a key from the Keychain.Ahrumanhttp://www.blogger.com/profile/06270504794643860478noreply@blogger.com