Belgium is strange country… at various levels! For years, Belgium is known as a country which quickly developed and distributed electronic identity cards (eID) to its citizens. Your eID can be used in multiple applications to perform citizen’s authentication and to sign documents. The number of applications and web sites keeps growing constantly. Private organizations can also integrate the eID in their applications! Looks great…
Today, I had to use my eID on my Macbook for the first stime. Step one, download the software and install it. Piece of cake, I visited this page, downloaded the .dmg and installed it. I’m running the latest version of OS X, Mountain Lion. This one introduced a significant new feature called Gatekeeper, a new security system to help keep users from installing malicious applications on their machines.
Guess what? When I started the eID software, I got this nice warning:
I found this unfortunate from Fedict, Federal Public Service for Information and Communication Technology, which is in charge of the eID infrastructure. I had to use my eID so I temporary decreased the security level of Gatekeeper to perform a smooth installation then I re-enabled the default settings. I don’t say the software is unsafe but that’s a Belgian joke… Using a non-signed software (at Apple level) to sign my documents!
RT @xme: [/dev/random] Signing Documents Using an Unsigned Application! http://t.co/eHMu1r0N
@xme Had a similar blogpost several years ago, eID Windows software has no digital signature. no improvement yet 🙁
Thank for the tip!
Hello.
FYI, you can open an unsigned application without changing your GateKeeper settings. Instead of double-clicking on it, just right-click on it and choose “Open”.
RT @xme: [/dev/random] Signing Documents Using an Unsigned Application! http://t.co/eHMu1r0N