is there any plan for the downloadable packaged/executable version of IDE to be notarized? that would reinforce the trust in what we install on our systems.
Just out of idle curiosity does this notarization process require money to be given to Apple?
I don't know.
You need to get a Developer ID that will be used in the process of signing the code and submit into an automated verification engine
There is a free developer program but also another one for a fee if you want to sell your apps in the app store or get code-level support ($99 per year for a company, no per developer fee)
The process is described here (https://developer.apple.com/developer-id/)
Get Your Software Notarized
Give users even more confidence in your software by submitting it to Apple to be notarized. The service automatically scans your Developer ID-signed software and performs security checks. When it's ready to export for distribution, a ticket is attached to your software to let Gatekeeper know it's been notarized.
and in more details there (https://developer.apple.com/documentation/security/notarizing_your_app_before_distribution)
There is an extra value for developers they highlight,
If you discover unauthorized versions of your software, you can work with Apple to revoke the tickets associated with those versions
There has been many attacks in the past across platforms with rogue versions of developer tools that inject extra code in your apps... Getting the assurance we download the right version as compiled by the vendor is of actual value (in my opinion). (that's why I never got ch340 drivers from China for example)
seems nothing is enforced for the time being anyway, just an annoying pop-up from time to time stating that the IDE is not signed - so just curious if arduino plans to get signed versions of the IDE