Ideally authors will be signing their packages (using gpg keys). Of course how to distribute keys is an exercise left to the reader.
On Friday, June 22, 2012 at 11:48 AM, Vinay Sajip wrote: > <martin <at> v.loewis.de (http://v.loewis.de)> writes: > > > > > See above. Also notice that such signing is already implemented, as part > > of PEP 381. > > > > > BTW, I notice that the certificate for https://pypi.python.org/ expired a week > ago ... > > Regards, > > Vinay Sajip > > > _______________________________________________ > Python-Dev mailing list > Python-Dev@python.org (mailto:Python-Dev@python.org) > http://mail.python.org/mailman/listinfo/python-dev > Unsubscribe: > http://mail.python.org/mailman/options/python-dev/donald.stufft%40gmail.com > >
_______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
