Time-stamping during code signing ensures that the signed files are still verifiable after certificate expiration.
Apple is doing this with software distributed for Windows (e.g., QuickTime, iTunes, etc.), so why not for updates for the Mac OS?
Of course, for its Windows software, Apple seems to be using a code-signing certificate issued by Verisign.
This is a really lame problem to have that can be avoided entirely by following basic best practices for code-signing.
