Hacker News new | past | comments | ask | show | jobs | submit login

“…for all software.”

It’s very vague as usual.

I guess the current work arounds will still apply (right click open, for instance)

But we'll probably have to wait for WWDC for a definitive answer

I wonder, will that include random terminal apps like gnu grep, and if so, how will the notary be attached?

They can be distributed without a signature.

But the post says "all software." Surely that implies that macOS won't let unnotarized software run?

That software will not have the quarantine bit set, so I don't think these restrictions will apply.

We had a pretty definitive answer last WWDC during the session on notarizing. https://developer.apple.com/videos/play/wwdc2018/702/

Developer ID signing will eventually be replaced with notarized Developer ID signing, on some suitably long roadmap that can be assumed to first involve a change in new app signing, then developer warnings of impending change of default on new OS version, that new OS version having user visible warnings, finally having the old developer id signatures ignored (making apps behave as unsigned, requiring the same right-click opening/exempting as today)

For those who are looking for my entry into the pool - the OS changeover for user-visible warnings will be this time next year, with it made obvious (at WWDC 2020) that the September 2020 macOS major release will make the final change to ignore old non-notarized signatures.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact