[Python-Dev] [python-committers] Do we need to sign Windows files with GnuPG?
M.-A. Lemburg
mal at egenix.com
Fri Apr 17 00:46:20 CEST 2015
On 16.04.2015 21:34, "Martin v. Löwis" wrote:
> Am 04.04.15 um 21:54 schrieb M.-A. Lemburg:
>>>> FWIW: The PSF mostly uses StartSSL nowadays and they also support code
>>>> signing certificates. Given that this option is a lot cheaper than
>>>> Verisign, I think we should switch, unless there are significant
>>>> reasons not to. We should revisit this in 2017.
>>>
>>> Agree - apparently the starlssl process for getting a signing cert is
>>> complex/obscure, so we should start early.
>>
>> Not really. Once you have the org verification it's really easy.
>>
>>> Let me know if I can help providing PSF organization verification.
>>
>> I already completed that for the current cycle.
>>
>
> I had asked the PSF for a StartSSL certificate when the previous
> certificate expired, and the PSF was not able to provide one. After
> waiting several weeks for the PSF to provide the certificate, Kurt then
> kindly went to Verisign.
When was that ? I never received such a request. The account
I'm using was created in Dec 2014 and the validation received
on 2014-12-17. This is valid for about a year:
https://wiki.python.org/psf/PSF%20SSL%20Certificates
Code signing certificates are valid for two years, so switching
to StartSSL probably doesn't make much sense now, unless perhaps
we want to switch to SHA2 and longer RSA keys (if that's possible for
code signing certs - I'd have to check).
--
Marc-Andre Lemburg
eGenix.com
Professional Python Services directly from the Source (#1, Apr 17 2015)
>>> Python Projects, Coaching and Consulting ... http://www.egenix.com/
>>> mxODBC Plone/Zope Database Adapter ... http://zope.egenix.com/
>>> mxODBC, mxDateTime, mxTextTools ... http://python.egenix.com/
________________________________________________________________________
::::: Try our mxODBC.Connect Python Database Interface for free ! ::::::
eGenix.com Software, Skills and Services GmbH Pastor-Loeh-Str.48
D-40764 Langenfeld, Germany. CEO Dipl.-Math. Marc-Andre Lemburg
Registered at Amtsgericht Duesseldorf: HRB 46611
http://www.egenix.com/company/contact/
More information about the Python-Dev
mailing list