Perhaps you would be interested in the Wheel package format's upcoming public key signature system (wheel.rtfd.orgl#signed-wheel-files). The (undocumented) plan will include per-buildserver, per-package and possibly per-package-version signing keys via a pluggable trust model, instead of the PGP model where a signing key is an e-mail address.
About wheel "A wheel is a ZIP-format archive with a specially formatted filename and the .whl extension. It is designed to contain all the files for a PEP 376 compatible install in a way that is very close to the on-disk format." A simple wheel for Package-1.0 would contain package.py Package-1.0.dist-info/METADATA (PEP-376, PEP-345 'Metadata 1.2') Package-1.0.dist-info/WHEEL (metadata for this build of the dist) Package-1.0.dist-info/RECORD (extended PEP-376) The bdist_wheel setuptools plugin and egg2wheel and wininst2wheel allow you to create wheel archives without having to modify source dists. _______________________________________________ Catalog-SIG mailing list Catalog-SIG@python.org http://mail.python.org/mailman/listinfo/catalog-sig
