[python-committers] New Authenticode certificate

2016-01-21 Thread Steve Dower
(I forget exactly who to contact about the certificate, so I'm going 
slightly more broad.)


The PSF's certificate we use to sign binaries and the installer for 
Windows is a SHA-1 certificate, which has been deprecated as of the 
start of the year: http://aka.ms/sha1


Already Windows may warn about the certificate on our current and past 
releases, but because the signature is timestamped prior to 01Jan2016 it 
will not be blocked. However, our next releases will be blocked (with a 
bypass available) unless we update the certificate to SHA-2.


Some sources have suggested that CAs will provide a SHA-2 certificate 
for free on request.


Supporting Windows Vista and Windows Server 2008 appears to be 
complicated, according to the link I gave above. I want to test the 
effect of only signing with SHA-2 on those platforms and make a 
recommendation based on that, rather than trying to guess what will 
happen (those OSs did not block downloaded files as aggressively as 
Windows 7+).


Happy to take this off list once I know who handles this certificate.

Cheers,
Steve
___
python-committers mailing list
[email protected]
https://mail.python.org/mailman/listinfo/python-committers


Re: [python-committers] New Authenticode certificate

2016-01-21 Thread M.-A. Lemburg
On 21.01.2016 17:40, Steve Dower wrote:
> (I forget exactly who to contact about the certificate, so I'm going
> slightly more broad.)
>
> The PSF's certificate we use to sign binaries and the installer for
> Windows is a SHA-1 certificate, which has been deprecated as of the
> start of the year: http://aka.ms/sha1
>
> Already Windows may warn about the certificate on our current and past
> releases, but because the signature is timestamped prior to 01Jan2016 it
> will not be blocked. However, our next releases will be blocked (with a
> bypass available) unless we update the certificate to SHA-2.
>
> Some sources have suggested that CAs will provide a SHA-2 certificate
> for free on request.
>
> Supporting Windows Vista and Windows Server 2008 appears to be
> complicated, according to the link I gave above. I want to test the
> effect of only signing with SHA-2 on those platforms and make a
> recommendation based on that, rather than trying to guess what will
> happen (those OSs did not block downloaded files as aggressively as
> Windows 7+).
>
> Happy to take this off list once I know who handles this certificate.

I'm the one who handles the PSF StartSSL account and yes,
they also do code signing certificates.

I'd suggest taking this off-list.

Thanks,
-- 
Marc-Andre Lemburg
eGenix.com



Re: [python-committers] New Authenticode certificate

2016-01-21 Thread Steve Dower

On 21Jan2016 1031, M.-A. Lemburg wrote:
> I'm the one who handles the PSF StartSSL account and yes,
> they also do code signing certificates.


Did they provide our current certificate? The root CA is VeriSign, not 
StartCom.


I have no particular issue with changing CA, but I really don't want 
multiple PSF-labelled code signing certificates floating around out there.

