Apple Developer ID OCSP

from blog The Desolation of Blog, 14 Nov 2020 | ↗ original

On Thursday, the day that macOS 11 Big Sur was released, Apple's Developer ID Online Certificate Status Protocol (OCSP) service went down. This seems to have been part of a larger outage affecting a number of Apple services, as indicated by their System Status. When you launch a Mac app, macOS may check with Apple's Developer ID OCSP to see whether the app developer's code signing certificate is revoked. Since 2012, macOS (then known as Mac OS X) has required that all apps downloaded from the web (outside the Mac App Store) be signed with a valid Developer ID certificate, issued by Apple to developers. The purpose of Developer ID, according to Apple, is to prevent the spread of malware; if Apple discovers that a developer has distributed malware, Apple will revoke that developer's code signing cert, and then macOS will prevent any software signed with that cert from launching, thus protecting Mac users. Unfortunately, if there's an internet connection problem involving the Developer ID OCSP, that can also prevent Mac apps from launching. For several hours on Thursday, Mac users around the world experienced extreme slowness when launching their installed apps. It's possible that millions of Macs were affected by this OCSP problem, a major if short-lived computing disaster. Many Mac users, completely unaware of why their apps wouldn't launch, feared that there was a problem with their operating system, or even with their hardware.

This is a short summary. ↗ Open original to view full content

Apple Developer ID OCSP

Related

More from The Desolation of Blog