[Pythonmac-SIG] Package Manager idea, adding a URL scheme
Glenn Andreas
gandreas at delver.com
Thu Oct 9 15:57:01 EDT 2003
>On Thursday, Oct 9, 2003, at 15:30 America/New_York, amk at amk.ca wrote:
>
>>On Thu, Oct 09, 2003 at 09:06:43PM +0200, Jack Jansen wrote:
>>>We are going to need digital signatures at some point, so if we're
>>>not going to have them in Python we have to warn users and provide
>>>them with an out-of-band way to test packages.
>>
>>Can we use GnuPG? It provides an interface for being run as a subprocess
>>and reporting results back in a form usable for programs. Perhaps it could
>>just require that GnuPG is available (via Fink or some other mechanism).
>
>I think it would be a lot easier on the users if we could just let
>them install a particular Python package that can do the signature
>verification. Is there anything in OpenSSL that could be exploited
>for this purpose?
According to http://www.openssl.org/docs/crypto/DSA_sign.html it sure
looks that way.
Now if this is directly usable, that's another question...
--
Glenn Andreas gandreas at delver.com
Theldrow, Blobbo, Cythera, oh my!
Be good, and you will be lonesome
More information about the Pythonmac-SIG
mailing list