You may not want to set the settings back. I came at this from my Console log - it was getting spammed with messages from secd (security related background program new in Mavericks) that made me go look at certificates and keys in Keychain Access, and I thought to turn those settings to 'Off' while I was at it.
I should have tested more - setting those to 'Best attempt' seems to allow things to still work. That seems to be the default setting, or at least is for the new admin user I created this morning to actually download the updates as per one of the other posts in here. In any case, I set them to 'Best attempt', deleted one of the apps I had downloaded from the store, and it allowed me to redownload it without any problems, so I think I'll keep it at 'Best attempt' for now.
It seems that some of Apple's certificates aren't finding a root certificate or some such, and if you have those settings at 'Require if certificate indicates', it causes them to fail when being verified. Or at least, I think that's what's going on.
These are the console messages (repeated over and over) from secd, in case anyone is wondering:
10/23/13 2:16:25.344 PM secd[229]: securityd_xpc_dictionary_handler Keychain Access[1335] DeviceInCircle The operation couldn’t be completed. (com.apple.security.sos.error error 2 - Public Key not available - failed to register before call)
10/23/13 2:16:25.345 PM secd[229]: SecErrorGetOSStatus unknown error domain: com.apple.security.sos.error for error: The operation couldn’t be completed. (com.apple.security.sos.error error 2 - Public Key not available - failed to register before call)
(So far, I haven't seen any more messages since changing the settings in Keychain Access, but I'm unsure of what exactly was triggering them in the first place.)