Author skrah
Recipients Arfrever, alexis, barry, eric.araujo, fdrake, jwilk, loewis, skrah, tarek, techtonik
Date 2011-06-03.18:39:04
SpamBayes Score 0.0104828
Marked as misclassified No
Message-id <>
I think there should be a warning that the connection is unauthenticated
(i.e. not secure). Users tend to be upset if they see 'https' and later
find out that no certificates were verified.

A reasonably secure alternative is to publish the pypi server
certificate in a couple of places (python-dev,
Then the user can import the certificate into the browser while
on a trusted connection and henceforth do all uploading etc.
via the browser.
Date User Action Args
2011-06-03 18:39:05skrahsetrecipients: + skrah, loewis, fdrake, barry, techtonik, tarek, jwilk, eric.araujo, Arfrever, alexis
2011-06-03 18:39:04skrahsetmessageid: <>
2011-06-03 18:39:04skrahlinkissue12226 messages
2011-06-03 18:39:04skrahcreate