On Apr 24, 1:34 pm, Paul Rubin <http://[EMAIL PROTECTED]> wrote: > Paul Boddie <[EMAIL PROTECTED]> writes: > > simple Python-only modules, all you'd really need to do to prove the > > concept is to develop the client-side Windows software (eg. apt-get > > for Windows) which downloads package lists, verifies signatures, and > > works out where to put the package contents. ... > > I thought the Windows "solution" to this was Authenticode, which is a > scheme for signing executables against certificates similar to those > used on SSL web sites. Of course there's been at least one notorious > forgery, but typical Linux distro repositories are probably not all > that secure either. > > In the case of a pure Python program like Beautiful Soup, I certainly > think any installation needing running code should be done by > distutils included in the Python distro.
I only create binaries using the bdist_wininst or bdist_msi commands for the extensions. If you think adding a code signature will make the binaries more acceptable, I'm not against it. Certificates from Comodo don't cost too much... Mike -- http://mail.python.org/mailman/listinfo/python-list
