[Python-Dev] Code signing of Windows .msi/.dll/.exe's for 2.6/3.0

Barry Warsaw barry at python.org
Thu Apr 17 17:05:20 CEST 2008

Hash: SHA1

On Apr 17, 2008, at 10:48 AM, Guido van Rossum wrote:
> This is going to be a major administrative hassle. Obviously you have
> to be extremely cautious with the private part of the certificate, or
> it's worthless. That means that there will probably be only one person
> who can sign binaries. That person would have also have to build all
> the binaries -- signing binaries you retrieved from the internet
> sounds like a complete bypassing of the security procedures. *And*
> that person would forever have to be extremely cautious with the
> machine on which the certificate resides, keeping it turned off and
> locked away securely most of the time, or else risk that the machine
> is infected by malware, again bypassing the point. While the chances
> of ever signing something bad are low, the bad effects could be huge
> (sort of like the risk of an earthquake as compared to a car crash).
> I'm not at all sure that we are set up to do this right, and that it
> is worth the minor inconvenience to users of having to acknowledge a
> red-flag dialog. After all, they will be ack'ing such dialogs all the
> time if they are at all used to downloading software from the
> internet.

MvL is leading this effort and is currently trying to get a code  
signing certificate (my attempts having utterly failed on the Mac ;).   
Please coordinate with him.

- -Barry

Version: GnuPG v1.4.8 (Darwin)


More information about the Python-Dev mailing list