Message 352018 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	mattip
Recipients	christian.heimes, lkollar, lukasz.langa, mattip, ned.deily
Date	2019-09-11.19:24:14
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1568229854.74.0.428856951685.issue37967@roundup.psfhosted.org>
In-reply-to

Content
> If you use pubkeys.txt from https://www.python.org/static/files/pubkeys.txt, then GPG verification gives you no additional security I am confused. If the pubkeys.txt on python.org has no benefit, why does it exist? What is considered best practices for people wanting to verify the download from https://www.python.org/ftp ?

> If you use pubkeys.txt from https://www.python.org/static/files/pubkeys.txt, then GPG verification gives you no additional security

I am confused. If the pubkeys.txt on python.org has no benefit, why does it exist? What is considered best practices for people wanting to verify the download from https://www.python.org/ftp ?

History
Date	User	Action	Args
2019-09-11 19:24:14	mattip	set	recipients: + mattip, christian.heimes, ned.deily, lukasz.langa, lkollar
2019-09-11 19:24:14	mattip	set	messageid: <1568229854.74.0.428856951685.issue37967@roundup.psfhosted.org>
2019-09-11 19:24:14	mattip	link	issue37967 messages
2019-09-11 19:24:14	mattip	create