-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Apr 17, 2008, at 10:48 AM, Guido van Rossum wrote:
This is going to be a major administrative hassle. Obviously you have
to be extremely cautious with the private part of the certificate, or
it's worthless. That means that there will probably be only one person
who can sign binaries. That person would have also have to build all
the binaries -- signing binaries you retrieved from the internet
sounds like a complete bypassing of the security procedures. *And*
that person would forever have to be extremely cautious with the
machine on which the certificate resides, keeping it turned off and
locked away securely most of the time, or else risk that the machine
is infected by malware, again bypassing the point. While the chances
of ever signing something bad are low, the bad effects could be huge
(sort of like the risk of an earthquake as compared to a car crash).
I'm not at all sure that we are set up to do this right, and that it
is worth the minor inconvenience to users of having to acknowledge a
red-flag dialog. After all, they will be ack'ing such dialogs all the
time if they are at all used to downloading software from the
internet.
MvL is leading this effort and is currently trying to get a code
signing certificate (my attempts having utterly failed on the Mac ;).
Please coordinate with him.
- -Barry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
iQCVAwUBSAdnMHEjvBPtnXfVAQKkhQP/frCWs9sLcWyrAmDouCIq0n2X0B0TUbbG
+tEUQVBj2hJ/CVnmc6PjyFNjOhlfhIv+BI544QhsvoAlC2OdQe9d8hHX8sqnPUJy
lsm0gZ49ldqOhM91Q285RPtoELEEXQtfTYS2RUI/whNy+O/EDiRMVIDtNfaJOMgS
j6zeojy8d4E=
=m4aj
-----END PGP SIGNATURE-----
8 messages in org.python.python-devRe: [Python-Dev] Code signing of Wind...
