Il giorno 10/feb/2013, alle ore 18:08, Antoine Pitrou <[email protected]> ha scritto:
> > Hello, > > Vinay Sajip <vinay_sajip <at> yahoo.co.uk> writes: >> >> I've contacted the FSF about the licensing implications of including gpg with >> Python programs. This is primarily for Windows - Posix users are better off >> installing through their distro package manager or equivalent of the >> Homebrew/MacPorts type, if necessary. > > You want to post this on python-dev, not catalog-sig. > > Also, before inquiring about legal matters, it should first be decided > whether it is desirable to ship our version of GnuPG, or not. > (unless there has already been a thread about this and I've missed it :-)) There is an open discussion whether to use TUF or GPG. If we go with GPG, then we wlll discuss what to do, given that: 1) for users, the problem is not on python-dev, but rather on the maintainers of package managers (pip, easy_install) that need to decide how to ship/install GPG to verify signatures. 2) for maintainers, I don't see a strong need to ship it with distutils within Python, as long as we have clear documentation on how to install it. But this is open for discussion of course. -- Giovanni Bajo :: [email protected] Develer S.r.l. :: http://www.develer.com My Blog: http://giovanni.bajo.it
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Catalog-SIG mailing list [email protected] http://mail.python.org/mailman/listinfo/catalog-sig
