Landon Fuller

@landonfuller @siracusa FWIW, it’s not particularly hard to get a kext signing cert, all we had to do write a couple of lines why we need it

@pajp Someone I know working on a Mac OS X kernel internals book was refused a kext signing cert; the problem is: Apple picks the winners.

@landonfuller it’s a problem if Apple also takes the tools away to choose the trusted CA certificate roots; do they?

@pajp Yeah; unlike MS' signing requirements, Apple themselves is the only trusted CA root.

@landonfuller source? I thought kext codesigning checks use the SecAssessment trust policy modifiable with spctl. If not, it’s pretty crappy

@pajp What good does spctl do normal users if the default CA list is constrained to 1? Adding a CA is a bigger deal than a kext

@landonfuller someone could set up a separate CA with easy-to-install app that sets it up, if there would be demand for it

@landonfuller kernel space programming is extremely hard to get right, dangerous for stability. I’d love these use cases solved without it.

@mgorbach It's impossible to anticipate all use-cases, and we've already seen what an attempt looks like on iOS.

@landonfuller and add the highest-value APIs. Think FUSE. Kext programming hoops scare me less if there is a concerted API effort.

@mgorbach Strict restrictions scare me regardless; if anyone has a clever idea or a unique requirement, they can't even explore it.

@landonfuller would it bother you less if there was a way to “dev” or “enterprise”-sign kexts?