From 63d670c286328389b33d08cb05c8e2dc562c7821 Mon Sep 17 00:00:00 2001 From: Samuel Attard Date: Wed, 2 May 2018 11:52:52 +1000 Subject: [PATCH] explain platform differences in code signing --- docs/tutorial/code-signing.md | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/docs/tutorial/code-signing.md b/docs/tutorial/code-signing.md index 708fd89fd3a..3fc666dcd17 100644 --- a/docs/tutorial/code-signing.md +++ b/docs/tutorial/code-signing.md @@ -1,8 +1,15 @@ # Code Signing Code signing is a security technology that you use to certify that an app was -created by you. Once an app is signed, the system can detect any change to the -app, whether the change is introduced accidentally or by malicious code. +created by you. + +On macOS the system can detect any change to the app, whether the change is +introduced accidentally or by malicious code. + +On Windows the system assigns a trust level to your code signing certificate which +if you don't have, or if your trust level is low will cause security dialogs to +appear when users start using your application. Trust level builds over time +so it's better to start code signing as early as possible. While it is possible to distribute unsigned apps, it is not recommended. For example, here's what macOS users see when attempting to start an unsigned app: