-
|
Hello. I was reading through the documentation and noticed that I do not have |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
|
The difference is somewhat hinted in the Segue for security concerns part of the documentation: using EdDSA gives better security in verifying the download was how you distributed it (the code signing checks are shallow for integrity for various reasons), it has a fail-safe allowing rotation of signing keys in case your developer ID changes (this can make development for certain projects easier too since a development build may use a different certificate or not use one), and it is required if you want to deliver smaller / more efficient binary delta updates. Only using Developer ID code signing is supported for compatibility reasons but not strongly recommended. |
Beta Was this translation helpful? Give feedback.
-
|
Appreciate the answer, thank you. |
Beta Was this translation helpful? Give feedback.
The difference is somewhat hinted in the Segue for security concerns part of the documentation: using EdDSA gives better security in verifying the download was how you distributed it (the code signing checks are shallow for integrity for various reasons), it has a fail-safe allowing rotation of signing keys in case your developer ID changes (this can make development for certain projects easier too since a development build may use a different certificate or not use one), and it is required if you want to deliver smaller / more efficient binary delta updates. Only using Developer ID code signing is supported for compatibility reasons but not strongly recommended.