The file "record" inside the archive is signed.

On Sep 1, 2012 1:42 PM, "David-Sarah Hopwood" <david-sarah@jacaranda.org> wrote:
On 22/08/12 03:52, Daniel Holth wrote:
> I've made what I think is exciting progress on the digital signatures
> design for wheel (updated built/binary packages for Python; intended
> to replace egg). The insight is that we can overload the "extras"
> syntax as a convenient way to mention the public key we expect:
>
> package[extra, ed25519=ouBJlTJJ4SJXoy8Bi1KRlewWLU6JW7HUXTgvU1YRuiA]

I missed this when you first posted it. I like it a lot.

The signature would be on the wheel binary package file?

--
David-Sarah Hopwood ⚥