➜
This issue tracker has been migrated to GitHub,
and is currently read-only.
For more information,
see the GitHub FAQs in the Python's Developer Guide.
Created on 2016-10-10 03:17 by steve.dower, last changed 2022-04-11 14:58 by admin. This issue is now closed.
| Pull Requests | |||
|---|---|---|---|
| URL | Status | Linked | Edit |
| PR 552 | closed | dstufft, 2017-03-31 16:36 | |
| Messages (2) | |||
|---|---|---|---|
| msg278400 - (view) | Author: Steve Dower (steve.dower) *  |
Date: 2016-10-10 03:17 | |
On Windows, we sign all binaries with the PSF code signing certificate. We can also sign all the standard library and tools .py files using a catalog, which will put the hashes of the original files into a signed bundle. This can then be validated by users (e.g. using "signtool.exe verify") at any point after installation. Worth noting that the OS does not automatically verify signatures in a catalog file. It's only worthwhile doing this for files that may end up on a production machine - essentially, those files included in lib.msi and tools.msi (not test.msi, dev.msi or tcltk.msi). |
|||
| msg278401 - (view) | Author: Roundup Robot (python-dev)  |
Date: 2016-10-10 03:19 | |
New changeset e050ed5da06d by Steve Dower in branch '3.6': Issue #28402: Adds signed catalog files for stdlib on Windows. https://hg.python.org/cpython/rev/e050ed5da06d New changeset 27edae50e62c by Steve Dower in branch 'default': Issue #28402: Adds signed catalog files for stdlib on Windows. https://hg.python.org/cpython/rev/27edae50e62c |
|||
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2022-04-11 14:58:38 | admin | set | github: 72588 |
| 2017-03-31 16:36:38 | dstufft | set | pull_requests: + pull_request1107 |
| 2016-10-10 03:20:17 | steve.dower | set | status: open -> closed resolution: fixed stage: resolved |
| 2016-10-10 03:19:43 | python-dev | set | nosy:
+ python-dev messages: + msg278401 |
| 2016-10-10 03:17:50 | steve.dower | create | |