[Python-Dev] Code signing of Windows .msi/.dll/.exe's for 2.6/3.0

[Barry Warsaw]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Apr 17, 2008, at 10:48 AM, Guido van Rossum wrote:
> This is going to be a major administrative hassle. Obviously you have
> to be extremely cautious with the private part of the certificate, or
> it's worthless. That means that there will probably be only one person
> who can sign binaries. That person would have also have to build all
> the binaries -- signing binaries you retrieved from the internet
> sounds like a complete bypassing of the security procedures. *And*
> that person would forever have to be extremely cautious with the
> machine on which the certificate resides, keeping it turned off and
> locked away securely most of the time, or else risk that the machine
> is infected by malware, again bypassing the point. While the chances
> of ever signing something bad are low, the bad effects could be huge
> (sort of like the risk of an earthquake as compared to a car crash).
>
> I'm not at all sure that we are set up to do this right, and that it
> is worth the minor inconvenience to users of having to acknowledge a
> red-flag dialog. After all, they will be ack'ing such dialogs all the
> time if they are at all used to downloading software from the
> internet.

MvL is leading this effort and is currently trying to get a code  
signing certificate (my attempts having utterly failed on the Mac ;).   
Please coordinate with him.

- -Barry

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)

iQCVAwUBSAdnMHEjvBPtnXfVAQKkhQP/frCWs9sLcWyrAmDouCIq0n2X0B0TUbbG
+tEUQVBj2hJ/CVnmc6PjyFNjOhlfhIv+BI544QhsvoAlC2OdQe9d8hHX8sqnPUJy
lsm0gZ49ldqOhM91Q285RPtoELEEXQtfTYS2RUI/whNy+O/EDiRMVIDtNfaJOMgS
j6zeojy8d4E=
=m4aj
-----END PGP SIGNATURE-----