We want to sign builds on the buildbot so users can run them without scary warnings, and to catch potential bugs in bundling and code signing earlier.
- Figure out: do issues in the daily builds risk affecting the release build? Do we use a separate certificate?
- Configure buildbot virtual machine to have certificate, and check security implications of that.
- Update buildbot scripts to include code signing.