Steve Dower <[email protected]> writes: > Nathaniel Smith wrote: > > And I suspect python-dev generally doesn't put much weight on the > > extra effort required (release managers have all been using gpg for > > decades, it's pretty trivial) > > I'm aware of this, but still don't see it as a reason to unnecessarily > duplicate process.
That's a good argument. But it's one against Authenticode, because that's a single-platform process that duplicates an existing convention to use an open, free standard: OpenPGP certificates. So the demands of "why do we need to duplicate this work?" should be made to Microsoft for choosing to re-invent that long-standing and superior (because open, free-software, and cross-platform) wheel. -- \ "At my lemonade stand I used to give the first glass away free | `\ and charge five dollars for the second glass. The refill | _o__) contained the antidote." —Emo Philips | Ben Finney _______________________________________________ Python-Dev mailing list [email protected] https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com