I am sorry, but I am puzzled of the naiveté of people thinking code signing like this is for extended security and not market lock in. Sure, instead of just checking the integrity of an archive/package/executable, you can also add info to identify the developer and source. But it just isn't worth it on the current software market.
Create a public key register if security +++) is that important to you and you get the same features but don't try to tell me a developer certificate from FAANG isn't for business purposes.
+++) completely neglecting the fact that malware was even introduced in signed software...
Create a public key register if security +++) is that important to you and you get the same features but don't try to tell me a developer certificate from FAANG isn't for business purposes.
+++) completely neglecting the fact that malware was even introduced in signed software...