[Catalog-sig] Add link to secure connection to the PyPI front page

"Martin v. Löwis" martin at v.loewis.de
Sat Jun 4 17:48:01 CEST 2011

> Which makes me wonder, why is it that PyPI doesn't use a universally
> accepted SSL cert instead of the CAcert one? Note: I'm a CAcert assurer
> myself but would prefer using a cert by one of the commercial CAs for
> the sake of the users.
> Any opinions?

Primarily because of lack of volunteer time. Buying a certificate is
a big effort, issuing a cacert one is simple.

And before anybody says "no, it's not difficult", or "no, it shouldn't
be difficult", please consider volunteering for the next ten years to
manage the PSF server certificates (as one of the key problems that
makes it difficult is that responsibilities change so often with


More information about the Catalog-SIG mailing list