Ideally authors will be signing their packages (using gpg keys). Of course how to distribute keys is an exercise left to the reader. On Friday, June 22, 2012 at 11:48 AM, Vinay Sajip wrote: > <martin <at> v.loewis.de (http://v.loewis.de)> writes: >> > > > See above. Also notice that such signing is already implemented, as part > > of PEP 381. > > >>> BTW, I notice that the certificate for https://pypi.python.org/ expired a week > ago ... >> Regards, >> Vinay Sajip >>> _______________________________________________ > Python-Dev mailing list > Python-Dev at python.org (mailto:Python-Dev at python.org) > http://mail.python.org/mailman/listinfo/python-dev > Unsubscribe: http://mail.python.org/mailman/options/python-dev/donald.stufft%40gmail.com >> -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.python.org/pipermail/python-dev/attachments/20120622/df2462ee/attachment.html>