[Python-Dev] [python-committers] Do we need to sign Windows files with GnuPG?
Kurt B. Kaiser
kbk at shore.net
Sat Apr 4 21:49:01 CEST 2015
On Sat, Apr 4, 2015, at 03:35 PM, M.-A. Lemburg wrote:
> On 04.04.2015 21:02, Kurt B. Kaiser wrote:
> > For the record, that is a Symantec/Verisign code signing
> > certificate. We paid $1123 for it last April. It expires
> > April 2017.
> >
> > If you don't switch to a different vendor, e.g. startssl, please
> > contact me for renewal in 2017.
>
> FWIW: The PSF mostly uses StartSSL nowadays and they also support code
> signing certificates. Given that this option is a lot cheaper than
> Verisign, I think we should switch, unless there are significant
> reasons not to. We should revisit this in 2017.
Agree - apparently the starlssl process for getting a signing cert is
complex/obscure, so we should start early.
Let me know if I can help providing PSF organization verification.
KBK
More information about the Python-Dev
mailing list