Re: [python-committers] [Python-Dev] Do we need to sign Windows files with GnuPG?

2015-04-04 Thread M.-A. Lemburg
On 04.04.2015 02:49, Donald Stufft wrote:
>
>> On Apr 3, 2015, at 6:38 PM, M.-A. Lemburg wrote:
>>
>> On 04.04.2015 00:14, Steve Dower wrote:
>>> The thing is, that's exactly the same goodness as Authenticode gives,
>>> except everyone gets that for free and meanwhile you're the only one who
>>

Re: [python-committers] [Python-Dev] Do we need to sign Windows files with GnuPG?

2015-04-04 Thread Steve Dower
"Authenticode does not have a PKI"

If you got that from this discussion, I need everyone to at least skim read this: https://msdn.microsoft.com/en-us/library/ie/ms537361(v=vs.85).aspx

Authenticode uses the same certificate infrastructure as SSL (note: not the same certificates). As I see it, a

Re: [python-committers] [Python-Dev] Do we need to sign Windows files with GnuPG?

2015-04-04 Thread Steve Dower
"Relying only on Authenticode for Windows installers would result in a break in technology w/r to the downloads we make available for Python, since all other files are (usually) GPG signed"

This is the point of this discussion. I'm willing to make such a break because I believe Authenticode is

Re: [python-committers] [Python-Dev] Do we need to sign Windows files with GnuPG?

2015-04-04 Thread M.-A. Lemburg
On 04.04.2015 16:41, Steve Dower wrote:
> "Relying only on Authenticode for Windows installers would result in a break
> in technology w/r to the downloads we make available for Python, since all
> other files are (usually) GPG signed"
>
> This is the point of this discussion. I'm willing to mak

Re: [python-committers] [Python-Dev] Do we need to sign Windows files with GnuPG?

2015-04-04 Thread Steve Dower
Small clarification: the certificates *are* the same format as for SSL, and OpenSSL is able to validate them in the same way as well as generate them (but not extract embedded ones, AFAICT). But generally SSL certificates are not marked as suitable for code signing so you need to buy a separ

Re: [python-committers] [Python-Dev] Do we need to sign Windows files with GnuPG?

2015-04-04 Thread Kurt B. Kaiser
For the record, that is a Symantec/Verisign code signing certificate. We paid $1123 for it last April. It expires April 2017.

If you don't switch to a different vendor, e.g. startssl, please contact me for renewal in 2017.

KBK

On Sat, Apr 4, 2015, at 10:35 AM, Steve Dower wrote:
> Small clarifi

Re: [python-committers] [Python-Dev] Do we need to sign Windows files with GnuPG?

2015-04-04 Thread M.-A. Lemburg
On 04.04.2015 21:02, Kurt B. Kaiser wrote:
> For the record, that is a Symantec/Verisign code signing certificate. We
> paid $1123 for it last April. It expires April 2017.
>
> If you don't switch to a different vendor, e.g. startssl, please contact
> me for renewal in 2017.

FWIW: The PSF mostly

Re: [python-committers] [Python-Dev] Do we need to sign Windows files with GnuPG?

2015-04-04 Thread Kurt B. Kaiser
On Sat, Apr 4, 2015, at 03:35 PM, M.-A. Lemburg wrote:
> On 04.04.2015 21:02, Kurt B. Kaiser wrote:
> > For the record, that is a Symantec/Verisign code signing
> > certificate. We paid $1123 for it last April. It expires
> > April 2017.
> >
> > If you don't switch to a different vendor, e.g. st

Re: [python-committers] [Python-Dev] Do we need to sign Windows files with GnuPG?

2015-04-04 Thread M.-A. Lemburg
On 04.04.2015 21:49, Kurt B. Kaiser wrote:
>
>
> On Sat, Apr 4, 2015, at 03:35 PM, M.-A. Lemburg wrote:
>> On 04.04.2015 21:02, Kurt B. Kaiser wrote:
>>> For the record, that is a Symantec/Verisign code signing
>>> certificate. We paid $1123 for it last April. It expires
>>> April 2017.
>>>
>>>

Re: [python-committers] [Python-Dev] Do we need to sign Windows files with GnuPG?

2015-04-04 Thread Kurt B. Kaiser
On Sat, Apr 4, 2015, at 03:54 PM, M.-A. Lemburg wrote:
> On 04.04.2015 21:49, Kurt B. Kaiser wrote:
> >
> >
> > On Sat, Apr 4, 2015, at 03:35 PM, M.-A. Lemburg wrote:
> >> On 04.04.2015 21:02, Kurt B. Kaiser wrote:
> >>> For the record, that is a Symantec/Verisign code signing
> >>> certificate