As someone who actually signs, notorizes and distributes desktop apps for macOS, I can safely say their documentation is less than ideal.
Maybe because I'm using Electron framework which makes things more complicated, but I don't really understand why there's is a difference between different types of certificates (Developer ID, Apple distribution, macOS distribution) and I had to guess which one to use everytime I set it up.
Also why is notorization a completely different process from code signing, and requires completely different set of credentials from it. Seems odd to me.
> Also why is notorization a completely different process from code signing
Because they do completely different things. Signing is a proof that you were the one to write and package that software; notarisation is an online security check for malware. If I recall, you still sign but do not notarise when distributing to the Mac App Store.
Maybe because I'm using Electron framework which makes things more complicated, but I don't really understand why there's is a difference between different types of certificates (Developer ID, Apple distribution, macOS distribution) and I had to guess which one to use everytime I set it up.
Also why is notorization a completely different process from code signing, and requires completely different set of credentials from it. Seems odd to me.