Comment by epistasis
4 years ago
The alternative to a poor binary checking and cert revocation process isn't to get rid of binary signing and cert revocation.
I don't want that. I don't think it would serve Apple's customers to get rid of binary signing either.
Since there are no legal ramifications for security bugs that cause downtime, or for bugs that cause other functionality that goes down, I'm not sure why this particular bug would be any different. It's certainly not as bad as losing one's Google account permanently without recourse.