The idea of a trusted signing ID has been around for long time and is known good practice.
I was wondering if there is an alternative to this practice, or if it is still the best method for trusting active content in a Notes client (and avoiding Execution Security Alerts) and also on a Domino server.
I notice from the 8.5 help that the client ECL is still checked against the signer of active content, so perhaps there is no alternative?
If anyone has any ideas I’d really like to read about them.