[tor-dev] Apple App Store Redux
Erinn Clark
erinn at torproject.org
Sat Nov 16 23:58:40 UTC 2013
* Griffin Boyce <griffin at cryptolab.net> [2013:11:10 20:30 -0500]:
> It's been a while since there's been a discussion on-list about
> getting the TBB into Apple's app store [1]. Interest hasn't really gone
> away in the intervening 13 months, so I just want to open up discussion
> about it.
Are there a lot of people interested in this? We hear complaints from OSX users
about the packages not being signed the OSX way, but if we've received bugs
about putting TBB into the app store, they have been so infrequent and long ago
that I don't remember them. I'm not disagreeing with your claim, I just wonder
where the interest is happening so I can read about it. :)
> Here are some possible solutions:
> - Submit Apple agreements to Wendy for review and
> rejection/acceptance. The last mention of this was a year ago on #6540.
> Status?
I tried to get the licensing agreements earlier this year and they are, as far
as I can tell, not available until you actually sign up. If someone reading
this has put something in the app store (which may or may not be different from
the app store the iPhone uses? does anyone know?) please send us a copy of any
agreements you may have!
> - Actively decide to continue without being blessed by Apple, but
> focusing instead on educating Mac users about their application security
> options.
I am at this point in favor of signing OSX packages with their codesigning but
in order to acquire a codesigning cert you have to jump through some hoops (and
there is the aforementioned issue of "who buys the certs? person or
organization?"; see also #10002) This is why this problem has never been
"solved" -- every time we look at it we get discouraged, confused, and/or
ideologically enraged.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20131116/e66dfef3/attachment.sig>
More information about the tor-dev
mailing list