Dear Martin, >> Educated, adult developers with good internet connections may know that, >> but all users? What about software on a CD or a memory stick? > > Also, I believe users *still* get a confirmation window, just the > message changes from "we don't know who wrote this software" to > "we know PSF wrote it - do you trust them?"
Ugh. Still better than a warning. > So, "all users" aren't any better off with authenticode. > >> I haven't looked at authenticode, but I guess it's a cryptographical >> signature. > > Correct. > >> That defaults to a good thing. > > That's a very common pitfall, and untrue. People are talked into > believing that signed software is "more trustworthy" than unsigned > software. This is absolutely not the case. The signed software may > just as well contain malware. The only difference is that you can > go after the author - provided you can get hold of him, and provided > you can prove (in court) that it was actual that software that > caused the damage. Depending on the malware, you may not even know > that damage was made, e.g. if it was signed spyware. Yes, I am aware of that. But the signature makes a man-in-the-middle attack harder. > So code-signing can very realistically give a false sense of > security. This is *not* a good thing. > >> You will have the say whether Python uses authenticode, but I'm not >> convinced by your arguments. > > I think I'll have to produce a signed version of the 2.5.1 installer, so > that people can see for themselves. That is a friendly idea. Thank you. - Lars _______________________________________________ Distutils-SIG maillist - Distutils-SIG@python.org http://mail.python.org/mailman/listinfo/distutils-sig
