On Feb 10, 2013, at 02:44 PM, Nick Coghlan wrote: >integrating TUF (https://www.updateframework.com/) into the PyPI based >distribution infrastructure sounds like the best available option
And they've already done some amount of work for us. https://www.updateframework.com/wiki/SecuringPythonPackageManagement -Barry
signature.asc
Description: PGP signature
_______________________________________________ Catalog-SIG mailing list Catalog-SIG@python.org http://mail.python.org/mailman/listinfo/catalog-sig
