[python-committers] New Authenticode certificate

Jeff Hardy jdhardy at gmail.com
Mon Feb 22 12:45:21 EST 2016


On Wed, Feb 17, 2016 at 12:05 PM, Steve Dower <steve.dower at python.org>
wrote:

> On 17Feb2016 0903, M.-A. Lemburg wrote:
>
>> On 16.02.2016 23:45, Jeff Hardy wrote:
>>
>>> I don't have an issue with Steve building them; the release process is
>>> pretty much a single make step. It's a mild annoyance for each of us, but
>>> it would only be for final releases, so only 2-3 times a year at most.
>>>
>>
>> If Steve is fine with this approach, it sounds like a good option.
>>
>>
> I'm fine with this, though I'll probably contribute some extra automation.
> One-click build/sign/upload (or send-to-Jeff) are a few of my favourite
> things.
>
> I also agree that the certificate only indicates that "we the PSF" built
> the code, believe it to be unchanged from the sources, and believe the
> origin of the sources is safe. If anyone has concerns about mine or Jeff's
> role in this, looks like now is the time to speak up.
>

I'm rather busy right now with moving but once it's time to do another
release I'll get in touch again and we can hash out a process for signing
artifacts.

- Jeff
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-committers/attachments/20160222/a9607fc0/attachment.html>


More information about the python-committers mailing list