On Tue, Apr 9, 2013 at 3:17 PM, Justin Cappos <jcap...@poly.edu> wrote: > His 29MB and 58MB numbers assume that every developer has their own key > right now. We don't think this is likely to happen and propose initially > signing everything that the developers don't sign with a single PyPI key. > > It also assumes there are no abandoned packages / devel account. I also > think many devels won't go back and sign all old versions of their software. > So my number is definitely a back of the envelope calculation using > Trishank's data. Trishank's calculations are much more expressive, but are > the "worst case" size.
OK, that makes sense - thanks for the clarification. Cheers, Nick. -- Nick Coghlan | ncogh...@gmail.com | Brisbane, Australia _______________________________________________ Distutils-SIG maillist - Distutils-SIG@python.org http://mail.python.org/mailman/listinfo/distutils-sig