I’d suggest that someone else (I’ll volunteer) run the 4.1.2 build.
z
zwass
12/16/2019, 8:08 PM
This sounds like a great idea! Are there private keys or something that would prevent this?
s
seph
12/16/2019, 8:09 PM
Yes and no. The current osquery mac packaging is signed with Teddy’s personal key. Obviously I can’t sign it with that, but I can sign it with mine. But even knowing that we can get that far is progress.
seph
12/16/2019, 8:09 PM
Pretty suire we have some notes about other things. (like the s3 bucket credentials for releases)
g
Gavin
12/16/2019, 8:10 PM
Signing with another key will mean that admins may need to Deploy a new TCC profile for FDA , worth mentioning in the release notes this is for Mojave / Catalina
s
seph
12/16/2019, 8:11 PM
My gut sense is that it’d be better to wait, but have the option.
g
Gavin
12/16/2019, 8:13 PM
Worth chipping in some cash for an OSquery specific dev account and eating the pain once for the move to an organisation shared Cert ?