[python-committers] New Authenticode certificate
M.-A. Lemburg
mal at egenix.com
Thu Jan 21 13:31:46 EST 2016
On 21.01.2016 17:40, Steve Dower wrote:
> (I forget exactly who to contact about the certificate, so I'm going slightly more broad.)
>
> The PSF's certificate we use to sign binaries and the installer for Windows is a SHA-1 certificate,
> which has been deprecated as of the start of the year: http://aka.ms/sha1
>
> Already Windows may warn about the certificate on our current and past releases, but because the
> signature is timestamped prior to 01Jan2016 it will not be blocked. However, our next releases will
> be blocked (with a bypass available) unless we update the certificate to SHA-2.
>
> Some sources have suggested that CAs will provide a SHA-2 certificate for free on request.
>
> Supporting Windows Vista and Windows Server 2008 appears to be complicated, according to the link I
> gave above. I want to test the effect of only signing with SHA-2 on those platforms and make a
> recommendation based on that, rather than trying to guess what will happen (those OSs did not block
> downloaded files as aggressively as Windows 7+).
>
> Happy to take this off list once I know who handles this certificate.
I'm the one who handles the PSF StartSSL account and yes,
they also do code signing certificates.
I'd suggest to take this offlist.
Thanks,
--
Marc-Andre Lemburg
eGenix.com
Professional Python Services directly from the Experts (#1, Jan 21 2016)
>>> Python Projects, Coaching and Consulting ... http://www.egenix.com/
>>> Python Database Interfaces ... http://products.egenix.com/
>>> Plone/Zope Database Interfaces ... http://zope.egenix.com/
________________________________________________________________________
::: We implement business ideas - efficiently in both time and costs :::
eGenix.com Software, Skills and Services GmbH Pastor-Loeh-Str.48
D-40764 Langenfeld, Germany. CEO Dipl.-Math. Marc-Andre Lemburg
Registered at Amtsgericht Duesseldorf: HRB 46611
http://www.egenix.com/company/contact/
http://www.malemburg.com/
More information about the python-committers
mailing list