Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Showing content from https://mail.python.org/pipermail/python-dev/2015-April/139005.html below:

[Python-Dev] [python-committers] Do we need to sign Windows files with GnuPG?

• Previous message (by thread): [Python-Dev] Do we need to sign Windows files with GnuPG?
• Next message (by thread): [Python-Dev] [python-committers] Do we need to sign Windows files with GnuPG?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Apr 3, 2015 at 7:25 AM, Paul Moore <p.f.moore at gmail.com> wrote:
> On 3 April 2015 at 10:56, Larry Hastings <larry at hastings.org> wrote:
>> My Windows development days are firmly behind me.  So I don't really have an
>> opinion here.  So I put it to you, Windows Python developers: do you care
>> about GnuPG signatures on Windows-specific files?  Or do you not care?
>
> I don't have a very strong security background, so take my views with
> a pinch of saly, but I see Authenticode as a way of being sure that
> what I *run* is "OK". Whereas a GPG signature lets me check that the
> content of a file is as intended. So there are benefits to both, and I
> thing we should continue to provide GPG signatures. (Disclaimer: I've
> never in my life actually *checked* a GPG signature for a file...)

I haven't been on Windows in a bit, but this is my
understanding/expectation as well.

• Previous message (by thread): [Python-Dev] Do we need to sign Windows files with GnuPG?
• Next message (by thread): [Python-Dev] [python-committers] Do we need to sign Windows files with GnuPG?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4