[Distutils] Surviving a Compromise of PyPI - PEP 458 and 480

Nick Coghlan ncoghlan at gmail.com
Wed Dec 31 19:24:08 CET 2014

On 1 January 2015 at 04:04, Paul Moore <p.f.moore at gmail.com> wrote:

> Anyway, I'll leave further comment to people with a better
> understanding of the issue, although I'm happy to clarify if any of
> the above isn't clear.

Expert blindness can be a serious problem when it comes to security design,
so please keep the questions coming. I've come to the realisation that
having done things like blending aspects of the 802.11i WPA2 spec with HF
automatic link establishment to come up with a custom authentication
protocol means I'm no longer qualified to judge what counts as "common
knowledge" in these areas, and the TUF folks leave me in the dust :)


Nick Coghlan   |   ncoghlan at gmail.com   |   Brisbane, Australia
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/distutils-sig/attachments/20150101/fa992080/attachment.html>

More information about the Distutils-SIG mailing list