[Catalog-sig] Proposal: Move PyPI static data to the cloud for better availability

Jesus Cea jcea at jcea.es
Wed Jun 16 00:39:22 CEST 2010


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 16/06/10 00:24, Steven D'Aprano wrote:
> I would not be digitally signing anything I didn't create unless I had 
> good legal advice that it was safe to do so.

The pypi signature certifies that the package has not been tampered
with. It DO NOT certify anything else.

- -- 
Jesus Cea Avion                         _/_/      _/_/_/        _/_/_/
jcea at jcea.es - http://www.jcea.es/     _/_/    _/_/  _/_/    _/_/  _/_/
jabber / xmpp:jcea at jabber.org         _/_/    _/_/          _/_/_/_/_/
.                              _/_/  _/_/    _/_/          _/_/  _/_/
"Things are not so easy"      _/_/  _/_/    _/_/  _/_/    _/_/  _/_/
"My name is Dump, Core Dump"   _/_/_/        _/_/_/      _/_/  _/_/
"El amor es poner tu felicidad en la felicidad de otro" - Leibniz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQCVAwUBTBgBGplgi5GaxT1NAQL/fAP/a1GAtmt9kkVzMBiKA7G1hYZ6BG7bOdt0
D3+q5ces91uk6lmzU+HZXCl4pfCljCMYsQjuKa1EP6aNGOT/beAr35s7K2+4S/FE
FjBwchWe5YJaJY7gaMUoWakf0Dz9x4rgebd/Aa2a2Qi14fuA2JJyeOzrIcwgRfwQ
wgNq65M3ke8=
=IgAh
-----END PGP SIGNATURE-----


More information about the Catalog-SIG mailing list