>On Thursday, Oct 9, 2003, at 15:30 America/New_York, amk at amk.ca wrote: > >>On Thu, Oct 09, 2003 at 09:06:43PM +0200, Jack Jansen wrote: >>>We are going to need digital signatures at some point, so if we're >>>not going to have them in Python we have to warn users and provide >>>them with an out-of-band way to test packages. >> >>Can we use GnuPG? It provides an interface for being run as a subprocess >>and reporting results back in a form usable for programs. Perhaps it could >>just require that GnuPG is available (via Fink or some other mechanism). > >I think it would be a lot easier on the users if we could just let >them install a particular Python package that can do the signature >verification. Is there anything in OpenSSL that could be exploited >for this purpose? According to http://www.openssl.org/docs/crypto/DSA_sign.html it sure looks that way. Now if this is directly usable, that's another question... -- Glenn Andreas gandreas at delver.com Theldrow, Blobbo, Cythera, oh my! Be good, and you will be lonesome
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4