[python-committers] [Python-Dev] Do we need to sign Windows files with GnuPG?
Paul Moore
p.f.moore at gmail.com
Fri Apr 3 14:25:25 CEST 2015
More information about the python-committers mailing list
Fri Apr 3 14:25:25 CEST 2015
- Previous message (by thread): [python-committers] Do we need to sign Windows files with GnuPG?
- Next message (by thread): [python-committers] [Python-Dev] Do we need to sign Windows files with GnuPG?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 3 April 2015 at 10:56, Larry Hastings <larry at hastings.org> wrote: > My Windows development days are firmly behind me. So I don't really have an > opinion here. So I put it to you, Windows Python developers: do you care > about GnuPG signatures on Windows-specific files? Or do you not care? I don't have a very strong security background, so take my views with a pinch of saly, but I see Authenticode as a way of being sure that what I *run* is "OK". Whereas a GPG signature lets me check that the content of a file is as intended. So there are benefits to both, and I thing we should continue to provide GPG signatures. (Disclaimer: I've never in my life actually *checked* a GPG signature for a file...) Paul
- Previous message (by thread): [python-committers] Do we need to sign Windows files with GnuPG?
- Next message (by thread): [python-committers] [Python-Dev] Do we need to sign Windows files with GnuPG?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the python-committers mailing list