On Fri, Apr 3, 2015 at 7:25 AM, Paul Moore <p.f.mo...@gmail.com> wrote: > On 3 April 2015 at 10:56, Larry Hastings <la...@hastings.org> wrote: >> My Windows development days are firmly behind me. So I don't really have an >> opinion here. So I put it to you, Windows Python developers: do you care >> about GnuPG signatures on Windows-specific files? Or do you not care? > > I don't have a very strong security background, so take my views with > a pinch of saly, but I see Authenticode as a way of being sure that > what I *run* is "OK". Whereas a GPG signature lets me check that the > content of a file is as intended. So there are benefits to both, and I > thing we should continue to provide GPG signatures. (Disclaimer: I've > never in my life actually *checked* a GPG signature for a file...)
I haven't been on Windows in a bit, but this is my understanding/expectation as well. _______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
