Hacker News new | past | comments | ask | show | jobs | submit login

There is only one reason why the Gatekeeper notarization check does not trigger when you run code you compile yourself on-device: the lack of quarantine xattr. We don't need to exhaust the truth table to meaningfully describe the situation.

If you're going to be pedantic, you've reversed cause/effect by saying "notarization won't come into play because you can't notarize an unsigned app". You can still upload it to the notarization API if you like and watch it fail the tests, as this is a separate step from codesign. Whether you choose to do that has nothing to do with whether you've signed it.

My perspective was one where I compile software, codesign it, upload it to be notarized and then when it's downloaded the quarantine xattr gets set; if the code doesn't get signed none of the other steps make sense. But I'm pretty sure we both know how this works so I doubt arguing about the order or relevance of certain portions of the process is productive ;)

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact