Dear Martin,
Educated, adult developers with good internet connections may know that, but all users? What about software on a CD or a memory stick?
Also, I believe users *still* get a confirmation window, just the message changes from "we don't know who wrote this software" to "we know PSF wrote it - do you trust them?"
Ugh. Still better than a warning.
So, "all users" aren't any better off with authenticode.
I haven't looked at authenticode, but I guess it's a cryptographical signature.
Correct.
That defaults to a good thing.
That's a very common pitfall, and untrue. People are talked into believing that signed software is "more trustworthy" than unsigned software. This is absolutely not the case. The signed software may just as well contain malware. The only difference is that you can go after the author - provided you can get hold of him, and provided you can prove (in court) that it was actual that software that caused the damage. Depending on the malware, you may not even know that damage was made, e.g. if it was signed spyware.
Yes, I am aware of that. But the signature makes a man-in-the-middle attack harder.
So code-signing can very realistically give a false sense of security. This is *not* a good thing.
You will have the say whether Python uses authenticode, but I'm not convinced by your arguments.
I think I'll have to produce a signed version of the 2.5.1 installer, so that people can see for themselves.
That is a friendly idea. Thank you. - Lars