When I looked at the code signing stuff, I didn't see any public API to verify a signature, only a command line tool. That might be less convenient for Sparkle.
When I looked at the code signing stuff, I didn't see any public API to verify a signature, only a command line tool. That might be less convenient for Sparkle.