Re-Signing iOS apps
In order for an app to run on an iOS device, it needs to be code signed. This proves to iOS that the app has been approved to run on iOS devices. This is true of any apps in the App store, ad-hoc, or enterprise apps. The App store apps add an additional level of protection, as the apps are not only cryptographically signed by Apple, but also protected by DRM. Since only Apple can apply this DRM to apps, the app needs to go through the approval process and be “blessed” by Apple."
Even though this article is about iOS applications, it reveals some important ideas for Mac developers distributing applications signed with Developer ID. If the application itself does not check the code signature, your work could be altered and redistributed with different credentials.
Labels: ASN.1, codesigning, developerid, ios