Apple issued a three month extension on application sandboxing today, giving devs a little more breathing room before new rules take over. June 1 2012 is now the enforcement date. We've been having many discussions about Mac development in the TUAW backchannel over the last week. The introduction of GateKeeper and the notion of signed apps, sandboxing, and developer IDs have us talking about where Apple is taking the Mac, and will be moving Mac development in general. Overall, we think things are moving towards a win for consumers and better opportunities for devs. Read on to learn more about these technologies, and how they affect developers and App Store. GateKeeper is Apple's new approach to making your Mac safer by giving you control over which applications may download and run on your computer. With GateKeeper, developers sign apps to authenticate them with the OS -- both apps that you purchase from the Mac App Store and, at the developer's option, also apps you purchase elsewhere. With Mountain Lion, you choose which apps are allowed to run. You'll be able to disable GateKeeper and run apps from anywhere if you like, although this is not the default setting. The thing is this: Apple continues moving towards a more controlled, less open, more appliance-like concept of what a Mac means. That redefinition is causing ripples, affecting app development more and more. Applications can do fewer things, access fewer system resources, and control other apps less than they did in the past. Developers who choose to enroll in the Mac development program pay a $99/year fee just as those who enroll in the iOS development program do. Once enrolled, they can sign their apps as identified developers -- as well as gain access to early beta versions of unreleased operating systems. When the iPhone SDK first debuted, many people including yours truly complained about what couldn't be done with the APIs: what files could be accessed, what routines could be called, and so forth. Coming from a general computing background, one learns to expect to build whatever one can imagine. If the building blocks are there, then why not build whatever tools you need? That all ties into a background of fully open computing. Apple's policy split the dev community into the jailbreak world and the App Store world, with many people crossing over depending on what they were building. Under jailbreak, developers gain full access to the entire iOS file system and run apps in a fully privileged mode. This gives devs a much broader development vocabulary to work with. The jailbreak world became known for its innovation, with Apple mining those forward-looking ideas and free R&D and bringing them into successive iterations of their operating system. At the same time, developers had to change. If they wanted to market through App Store, they had to relinquish product ideas that wouldn't work within the more closed-off system that App Store submission required and look instead for opportunities of development that were allowed. No one can look at App Store today, with its countless apps, and say that Apple denied developers opportunity. It's just a somewhat different opportunity than many developers expected. It's an opportunity that restricted certain kinds of applications, most typically OS enhancements and utilities (which have flourished on other mobile platforms with less oversight of developer access). Overall, Apple has provided better tools, better marketing, and better sales avenues than had existed before. The end result has been apps that are significantly better than previous generations. And now, Apple is doing the same thing for the Mac. This is emotionally hard for some long-term devs like me. We want Linux-y freedom for whatever we want to build and distribute. Now, with sandboxing (a technique that restricts application access to full system files; all apps that are not sandboxed will be removed from the Mac App Store starting June 1st [Update: Older read more..