
it's fine for most people, allowing for only signed applications in an app store is a good thing for, you know, people like my sister or mom aka 99% of users. having some accountability and being able to trace an application back to a user/organization signing it is a long term win.


The problem is that Apple is the one and only gatekeeper here. $99 for a lot of apps, like independent games made for a competition, is a very high barrier to entry. Were Apple to allow third party certificates, and/or use the existing ecosystem for software signing certificates, there would be a lot fewer issues with this.


I agree that Apple should not be the (sole) one signing apps for their OSes.

However, I doubt a dialog "this app was signed by 'Evil Privacy Invaders, inc'. You haven't trusted their software before. Do you want to do that now?" would deter the typical user from clicking 'Yes, always'.

So, the best they could do is allow a fixed set of regulated code signers. I do not see how that would be much of a change from the current situation.


$99/year is only if developers want to submit apps to the App Store. Xcode itself is free, and non-appstore apps can be signed for free with it.


You can't sign apps (even for non-appstore distribution) without a developer ID, which requires a $99/year developer account.


I thought that as it works currently you can sign up as a free developer and generate certificates so your apps can run on ML.


who else should be the gatekeeper on their own platform? $99/year is not a lot.


/I/ should be the gatekeeper on /my/ device. Apple's all or nothing approach means that for hobbyist usage, or internal app distribution, etc, you still have to pay that $99/year, even if it's not going into the regular ecosystem.


You know /YOU/ can turn it off on /YOUR/ device, right?


Yes, I know it can be turned off. However, there's no way to import 3rd party roots into gatekeeper. That's what I meant by all or nothing.


That's true and probably by design. ;)

A workaround could perhaps be to use anti-virus software, at least Symantec has reputation based whitelisting.


For some people (students, hobbyists), it is.


Why? Someone will just set up a web service to sign any app for free. (AFAIK, they aren't publishing revocation lists.)



