
Mothership Down: Apple bug halts the production of development certificates. - jbm
https://discussions.apple.com/thread/3799289?tstart=0
======
0x0
Last year, over a period of a few days, the certificates generated on
developer.apple.com suddenly had an expiration date set to the year 2079.
Usually the certs only last for 6-12 months. Too bad the certs are also locked
to a set of device IDs... or we could have had unlimited code signing ability
forever ;) [or until a revoke push]

------
Karunamon
Wow. This thread is bringing out the ABA trolls in full force.

For those that don't get it:

Guys. Code signing is a _good thing_. It prevents code being screwed with by a
malicious third party or some form of malware before it ends up on your
device. Apple's implementation on the generation side leaves a lot to be
desired, admittedly, but the concept is sound.

You'd best get used to it now. You're only going to see it more and more as
time goes on - and not just on "jailed platforms".

~~~
sneak
Obligatory rms "Can You Trust Your Computer?":
<http://www.gnu.org/philosophy/can-you-trust.html>

~~~
st3fan
RMS uses a laptop with a Chinese CPU right?

~~~
Karunamon
Indeed he does. Everything down to the BIOS is FOSS. Apparently worrying about
hardware inbuilt backdoors is a level of paranoia too high even for Stallman.

------
nixle
Man, do I hate that ridiculously complicated certificate system. I wonder how
many first-timers don't recognize this as a bug and in frustration think "This
is ridiculous, let me try again tomorrow".

~~~
wukkuan
I'm not a first timer, but I recently signed up for a developer account and
went to set it up last night. I spent a few hours getting angry and trying
everything I knew to make it work, until I went to the Apple Dev forums and
saw a post about it.

It's so complicated that I couldn't tell if it was broken or if I was doing
something wrong.

------
AznHisoka
I wish deployment to the iPhone would be as easy as to the Android. Why mess
around with deployment certificates in the first place?

~~~
gravitronic
Release android APK files are also signed.

~~~
vetinari
Yes, apks are also signed, but the key generation is up to you. It's no
problem to use self generated keys, it just has to be the same key across
different versions of the same app.

------
gm
Only fitting that in that thread there is not a single reply from Apple.

~~~
jws
It is only 14 hours old, started on a Sunday evening in a user generated
content community forum. It's 6am in Apple land, I'm sure some employee is
about to get a surprise.

~~~
gm
I think the answer is more along the lines of seclorum's reply. Ops people in
self-respecting companies are always watching.

------
feralchimp
Well that's a bummer.

RDARs have been filed. Actions will be taken. The mothership will come back
up. Haters will still hate code signing and provisioning profiles.

------
thetron
Does anyone have any insight into this problem at all?

------
umrashrf
Ask Anonymous to put down these crappy systems for life

~~~
jmilkbal
Aye. What mothership? I'm not a fucking slave to the retardation that is this
entire company. They regularly show they can't manage anything properly.

~~~
sneak
They seem to be managing revenues and their share price just fine.

