Re: Installer pkg built with Xcode 12.2 won't open in macOS 10.10 and 10.11
I would definitely file a bug report. At the least you may learn why they didn’t use SHA-1 in the Apple Silicon version of codesign.toggle quoted messageShow quoted text
The big surprise to me is that the Intel version does allow SHA-1. My initial understanding was that it didn’t, but you have shown their inconsistency in the implementation.
We know that SHA-1 is broken and no longer secure, which pretty much now makes codesigning with it useless.
Please let us know what Apple says in response to your ticket.
On Dec 7, 2020, at 7:26 PM, Jon Gotow <email@example.com> wrote: