The Mac installer build script now signs the package with our official

certificate. This requires that the machine building the package has the

official Apple-issued certificate and private key installed, or that

RBTOOLS_SIGN_PACKAGE=no is set.
Signed installers will launch and run without an "unidentified

developer" warning, helping users to know that the installer is

reliable and official.

Built an installer with the official cert and saw it prompt me for confirmation

on using that known cert. Checked that it properly signed the installer once I

confirmed.
I then installed it in a fresh Mavericks VM. It didn't give me a warning, and

showed the lock icon with the proper certificate information.
Built an installer with a fake certificate's common name, and saw it error

out.
Built an installer with RBTOOLS_SIGN_PACKAGE=no, and saw it generated an installer

that resulted in warnings and without a lock icon.