Thanks for the information, @eskimo. One follow-up question:
Based on the information in your Care & Feeding (C&F) post and CSRs Explained post, I gather that the following process is tenable:
1. Client creates a signing ID on his Mac.
2. Client exports the signing ID (i.e., certificate + private key) to a .p12 file using the steps described in the "Back Up Your Signing Identities" section of C&F.
3. Client distributes, via secure means, the .p12 file to developers authorized to sign on behalf of the organization.
4. Authorized developer X (myself) imports the signing ID from the .p12 file using the steps described in the "Back Up Your Signing Identities" section of C&F.
5. Authorized developer X now has all components necessary to sign code on behalf of the organization on X's Mac.
6. Once everything is confirmed working, client should delete the signing identity from his Mac, retaining only the .p12 file.
Is this correct?
(If this is correct, you might consider amending "Back Up Your Signing Identities" in C&F to "Back Up/Export Your Signing Identities" and adding a paragraph that states, e.g., "The .p12 file created by this process can be given to authorized team members who can then import it and use it to sign applications on behalf of your organization.")
Thanks again for the help.