Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Showing content from https://mail.python.org/pipermail/python-dev/2015-April/139003.html below:

[Python-Dev] Do we need to sign Windows files with GnuPG?

• Previous message (by thread): [Python-Dev] Do we need to sign Windows files with GnuPG?
• Next message (by thread): [Python-Dev] [python-committers] Do we need to sign Windows files with GnuPG?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 3 April 2015 at 10:56, Larry Hastings <larry at hastings.org> wrote:
> My Windows development days are firmly behind me.  So I don't really have an
> opinion here.  So I put it to you, Windows Python developers: do you care
> about GnuPG signatures on Windows-specific files?  Or do you not care?

I don't have a very strong security background, so take my views with
a pinch of saly, but I see Authenticode as a way of being sure that
what I *run* is "OK". Whereas a GPG signature lets me check that the
content of a file is as intended. So there are benefits to both, and I
thing we should continue to provide GPG signatures. (Disclaimer: I've
never in my life actually *checked* a GPG signature for a file...)

Paul

• Previous message (by thread): [Python-Dev] Do we need to sign Windows files with GnuPG?
• Next message (by thread): [Python-Dev] [python-committers] Do we need to sign Windows files with GnuPG?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4