On Jan 2, 2015, at 1:33 AM, Nick Coghlan <ncoghlan@gmail.com> wrote:

> That's the part I meant - the signing of developer keys to delegate trust to them without needing to trust the integrity of the online PyPI service.
>
> Hence the idea of instead keeping PyPI as an entirely online service (without any offline delegation of authority), and suggesting that developers keep their *own* separately signed metadata, which can then be compared against the PyPI published metadata (both by the developers themselves and by third parties). Discrepancies becoming a trigger for further investigation, which may include suspending the PyPI service if the discrepancy is reported by an individual or organisation that the PyPI administrators trust.

I’m confused what you mean by “without needing to trust the integrity of the online PyPI service”.

Developer keys get signed by offline keys controlled by, I’m guessing, either myself or Richard or both. The only time we’re depending on the integrity of the machine that runs PyPI and not on an offline key possessed by someone is during the window of time when a new project has been created (the project itself, not a release of a project) and the next time the delegations get signed by the offline keys.
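The trust model described in the reply above, as an added illustration that is not part of this thread, of PEP 458, or of the TUF reference implementation: an offline root key signs a delegations document naming a developer key per project; a verifier accepts a release for a delegated project only under that developer key, and falls back to the online service key only for projects that have not yet been delegated. Go is used because its standard library ships Ed25519. The type and function names (`Delegations`, `Release`, `Verifier`, `RunScenario`), the JSON field names, the project names and the digests are all constructed for the example; real TUF metadata carries key ids, thresholds, expiry and version numbers, none of which are modelled here.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
)

// Signed is a metadata payload plus one Ed25519 signature over its exact bytes.
type Signed struct {
	Payload []byte
	Sig     []byte
}

// Delegations is the document the offline root key signs: project -> developer public key.
// Field name is an assumption for this example, not PEP 458's layout.
type Delegations struct {
	Projects map[string][]byte `json:"projects"`
}

// Release is per-release metadata, signed by whoever holds authority for the project.
type Release struct {
	Project string `json:"project"`
	Version string `json:"version"`
	SHA256  string `json:"sha256"`
}

func sign(priv ed25519.PrivateKey, v interface{}) Signed {
	payload, _ := json.Marshal(v) // constructed metadata; marshal cannot fail here
	return Signed{Payload: payload, Sig: ed25519.Sign(priv, payload)}
}

type Outcome int

const (
	Rejected Outcome = iota
	TrustedViaOfflineDelegation // signed by a key the offline root delegated to
	TrustedViaOnlineKeyOnly     // the window the reply describes: only the service key vouches
)

// Verifier holds the two keys a client trusts out of band.
type Verifier struct {
	RootPub   ed25519.PublicKey // offline root key
	OnlinePub ed25519.PublicKey // key held by the machine running the service
}

// Verify decides whether a release is acceptable and on whose authority.
func (v Verifier) Verify(delegs, rel Signed) (Outcome, error) {
	if !ed25519.Verify(v.RootPub, delegs.Payload, delegs.Sig) {
		return Rejected, errors.New("delegations not signed by the offline root key")
	}
	var d Delegations
	if err := json.Unmarshal(delegs.Payload, &d); err != nil {
		return Rejected, err
	}
	var r Release
	if err := json.Unmarshal(rel.Payload, &r); err != nil {
		return Rejected, err
	}
	if devPub, ok := d.Projects[r.Project]; ok {
		// ed25519.Verify panics on a malformed key, so check the length before calling it.
		if len(devPub) != ed25519.PublicKeySize {
			return Rejected, fmt.Errorf("%s: delegated key has wrong size", r.Project)
		}
		if ed25519.Verify(ed25519.PublicKey(devPub), rel.Payload, rel.Sig) {
			return TrustedViaOfflineDelegation, nil
		}
		// Once a project is delegated, the online key cannot sign for it, compromised or not.
		return Rejected, fmt.Errorf("%s: release not signed by the delegated developer key", r.Project)
	}
	if ed25519.Verify(v.OnlinePub, rel.Payload, rel.Sig) {
		return TrustedViaOnlineKeyOnly, nil
	}
	return Rejected, fmt.Errorf("%s: signed by neither a delegated key nor the online key", r.Project)
}

// RunScenario builds fresh keys and exercises the three cases that matter:
// a properly delegated release, a forgery by the online key for a delegated
// project, and a brand-new project that only the online key has signed yet.
func RunScenario() ([3]Outcome, error) {
	rootPub, rootPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return [3]Outcome{}, err
	}
	onlinePub, onlinePriv, _ := ed25519.GenerateKey(rand.Reader)
	devPub, devPriv, _ := ed25519.GenerateKey(rand.Reader)

	v := Verifier{RootPub: rootPub, OnlinePub: onlinePub}
	delegs := sign(rootPriv, Delegations{Projects: map[string][]byte{"example-pkg": devPub}})

	delegated := Release{Project: "example-pkg", Version: "1.0", SHA256: "00" /* constructed */}
	undelegated := Release{Project: "brand-new-pkg", Version: "0.1", SHA256: "11" /* constructed */}

	var out [3]Outcome
	out[0], _ = v.Verify(delegs, sign(devPriv, delegated))
	out[1], _ = v.Verify(delegs, sign(onlinePriv, delegated))
	out[2], _ = v.Verify(delegs, sign(onlinePriv, undelegated))
	return out, nil
}

func main() {
	names := map[Outcome]string{
		Rejected:                    "rejected",
		TrustedViaOfflineDelegation: "trusted via offline delegation",
		TrustedViaOnlineKeyOnly:     "trusted via online key only (delegation window)",
	}
	out, err := RunScenario()
	if err != nil {
		fmt.Println("error:", err)
		return
	}
	for i, o := range out {
		fmt.Printf("case %d: %s\n", i+1, names[o])
	}
}
```

The third case is the exposure the reply singles out: between a project's creation and the next offline re-signing of the delegations, a client has nothing but the service key to go on, so a compromise of the PyPI host during that window could substitute a release for that one new project. Shrinking the window means re-signing delegations more often, or, as the quoted proposal suggests, comparing independently kept developer metadata against what the service publishes.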