Last year, over a period of a few days, the certificates generated on developer.apple.com suddenly had an expiration date set to the year 2079. Usually the certs only last for 6-12 months. Too bad the certs are also locked to a set of device IDs... or we could have had unlimited code signing ability forever ;) [or until a revoke push]

Wow. This thread is bringing out the ABA trolls in full force.

For those that don't get it:

Guys. Code signing is a good thing. It prevents code being screwed with by a malicious third party or some form of malware before it ends up on your device. Apple's implementation on the generation side leaves a lot to be desired, admittedly, but the concept is sound.

You'd best get used to it now. You're only going to see it more and more as time goes on - and not just on "jailed platforms".

Obligatory rms "Can You Trust Your Computer?": http://www.gnu.org/philosophy/can-you-trust.html

RMS uses a laptop with a Chinese CPU right?

Indeed he does. Everything down to the BIOS is FOSS. Apparently worrying about hardware inbuilt backdoors is a level of paranoia too high even for Stallman.

Many things are a good thing when you have competition. One company who acts as the sole gatekeeper is a bad idea, and this is just another example of why.

Your problem is with PKI then - someone who has some measure of authority has to sign the certs.

Man, do I hate that ridiculously complicated certificate system. I wonder how many first-timers don't recognize this as a bug and in frustration think "This is ridiculous, let me try again tomorrow".

I'm not a first timer, but I recently signed up for a developer account and went to set it up last night. I spent a few hours getting angry and trying everything I knew to make it work, until I went to the Apple Dev forums and saw a post about it.

It's so complicated that I couldn't tell if it was broken or if I was doing something wrong.

You think it's bad now, it was awful when it started out. There was little to no documentation, so getting an app on a device generally entailed clicking random buttons for a few hours until things somehow worked.

It has gotten a little bit easier with the XCode4 Developer console, but yeah .. the certification process is one hell of a way to weed out the truly devoted from the casual.

Have fun with your jailed platforms.

I wish deployment to the iPhone would be as easy as to the Android. Why mess around with deployment certificates in the first place?

Release android APK files are also signed.

Yes, apks are also signed, but the key generation is up to you. It's no problem to use self generated keys, it just has to be the same key across different versions of the same app.

Only fitting that in that thread there is not a single reply from Apple.

Apple rarely, if ever, reply to catastrophic bug reports like this. Its part of their policy not to acknowledge problems until they're ready to fix them.

It is only 14 hours old, started on a Sunday evening in a user generated content community forum. It's 6am in Apple land, I'm sure some employee is about to get a surprise.

I think the answer is more along the lines of seclorum's reply. Ops people in self-respecting companies are always watching.

Well that's a bummer.

RDARs have been filed. Actions will be taken. The mothership will come back up. Haters will still hate code signing and provisioning profiles.

Does anyone have any insight into this problem at all?

I'm sorry, you seem to have this site confused with Script Kiddy News.

They seem to be managing revenues and their share price just fine.