Developer ID ensures Gatekeeper accept?

Question

What is the current Apple's policy? Speaking about Gatekeeper, they never mention that getting a Developer ID guarantees that your app will be allowed to run with the default Mac App Store and identified developers option. They never say that every valid signed app will be automatically accepted.

I cannot distribute my app in the App Store since it violates its guidelines. But it's useful, does not contain malware, ads or so.

Answer 1

If you sign up as an Apple developer, there are three ways to release your apps:

• Through the App Store, in which case Apple pre-screens them before allowing customers to download them. If you choose this option, there is no guarantee that Apple will accept your app (although following their App Store guidelines gives you good odds).

• By signing the app with your developer ID, and then distributing it yourself. The developer ID is granted automatically when you sign up as a developer, Apple doesn't screen your app at all, and apps signed this way will run under Gatekeeper's default setting ("Mac App Store and identified developers").

  HOWEVER, if it comes to Apple's attention that malware is being distributed with your signature on it, they can revoke your developer ID certificate. If this happens, Gatekeeper will start blocking your signed apps (including any non-malicious ones). Unfortunately, while I think I remember reading a statement from Apple defining what they consider malicious, I can't find it now.

• With or without a developer membership, you can distribute unsigned apps. Apple has no say in this, either before or after distribution, but Gatekeeper's default policy will block them.

Answer 2

You can check if Gatekeeper will accept your app's signature..

$spctl -vat execute MyApp.app

you'll see..

MyApp.app: accepted
source=Developer ID