[Python-Dev] [python-committers] Do we need to sign Windows files with GnuPG?
"Martin v. Löwis"
martin at v.loewis.de
Thu Apr 16 21:34:42 CEST 2015
Am 04.04.15 um 21:54 schrieb M.-A. Lemburg:
>>> FWIW: The PSF mostly uses StartSSL nowadays and they also support code
>>> signing certificates. Given that this option is a lot cheaper than
>>> Verisign, I think we should switch, unless there are significant
>>> reasons not to. We should revisit this in 2017.
>>
>> Agree - apparently the starlssl process for getting a signing cert is
>> complex/obscure, so we should start early.
>
> Not really. Once you have the org verification it's really easy.
>
>> Let me know if I can help providing PSF organization verification.
>
> I already completed that for the current cycle.
>
I had asked the PSF for a StartSSL certificate when the previous
certificate expired, and the PSF was not able to provide one. After
waiting several weeks for the PSF to provide the certificate, Kurt then
kindly went to Verisign.
Kind regards,
Martin
More information about the Python-Dev
mailing list