[Python-Dev] [python-committers] Do we need to sign Windows files with GnuPG? (original) (raw)
Barry Warsaw barry at python.org
Sat Apr 4 18:10:23 CEST 2015
- Previous message (by thread): [Python-Dev] [python-committers] Do we need to sign Windows files with GnuPG?
- Next message (by thread): [Python-Dev] [python-committers] Do we need to sign Windows files with GnuPG?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Apr 04, 2015, at 02:41 PM, Steve Dower wrote:
"Relying only on Authenticode for Windows installers would result in a break in technology w/r to the downloads we make available for Python, since all other files are (usually) GPG signed"
It's the "only" part I have a question about.
Does the use of Authenticode preclude detached GPG signatures of the exe file? I can't see how it would, but maybe there's something (well, a lot of somethings ;) I don't know about Windows.
If not, then what's the problem with also providing a GPG signature?
Cheers, -Barry
- Previous message (by thread): [Python-Dev] [python-committers] Do we need to sign Windows files with GnuPG?
- Next message (by thread): [Python-Dev] [python-committers] Do we need to sign Windows files with GnuPG?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]