Message278400
On Windows, we sign all binaries with the PSF code signing certificate.
We can also sign all the standard library and tools .py files using a catalog, which will put the hashes of the original files into a signed bundle. This can then be validated by users (e.g. using "signtool.exe verify") at any point after installation. Worth noting that the OS does not automatically verify signatures in a catalog file.
It's only worthwhile doing this for files that may end up on a production machine - essentially, those files included in lib.msi and tools.msi (not test.msi, dev.msi or tcltk.msi). |
|
Date |
User |
Action |
Args |
2016-10-10 03:17:50 | steve.dower | set | recipients:
+ steve.dower, paul.moore, tim.golden, zach.ware |
2016-10-10 03:17:50 | steve.dower | set | messageid: <1476069470.02.0.829638678389.issue28402@psf.upfronthosting.co.za> |
2016-10-10 03:17:49 | steve.dower | link | issue28402 messages |
2016-10-10 03:17:48 | steve.dower | create | |
|