So no signed binaries? The signature portion will obviously not be reproducible by anyone but the original signer. I believe that is all the App Store process does, sign with a key issued by Apple, but it might be more complex.
> I use public key cryptography to sign my code to assure its authenticity. Is it true that GPLv3 forces me to release my private signing keys?I use public key cryptography to sign my code to assure its authenticity. Is it true that GPLv3 forces me to release my private signing keys?
> No. The only time you would be required to release signing keys is if you conveyed GPLed software inside a User Product, and its hardware checked the software for a valid cryptographic signature before it would function. In that specific case, you would be required to provide anyone who owned the device, on demand, with the key to sign and install modified software on the device so that it will run. If each instance of the device uses a different key, then you need only give each purchaser a key for that instance.
No, because the provision you cite only applies for software distributed as part of a qualified device or in the same transaction where possessory interest in the device is transferred. That wouldn't apply to iOS Apps outside of the stock bundled apps, as App Store apps are transferred in separate transactions from the device.
The GNU FAQ is very clear on this matter. Code signing is allowed. But, you're right that the bit of the license I quoted is irrelevant, so I've removed it.
And in the case of a Mac, so far you don't need keys to install software you compiled yourself. On iOS there are additional encumbrances, like the need for a dev account, a separate computing device (a Mac) to compile for the iOS device, and so on.
It’s getting harder and harder for kexts. You can’t readily compile those from source and install them yourself without a developer license , anymore.
You currently technically still can, I believe (restart in some
safe mode and disable a protection mechanism of sorts, iirc), but the trend is not towards openness. Honestly I don’t doubt for a second they’re doing it purely for the sake of security, but that doesn’t really matter for the GPL as far as I’m aware ?
