Source and binary executables are signed by the release manager or binary builder using their OpenPGP key. Release files for currently supported releases are signed by the following:
- Thomas Wouters (3.12.x and 3.13.x source files and tags) (key id: )
- (key id: )
- (key id: )
- (key id: )
- (key ids: and
- Larry Hastings (3.5.x source files and tags) (key id: 3A5C A953 F73C 700D)
- (key id: and A4135B38)
Release files for older releases which have now reached end-of-life may have been signed by one of the following:
- Anthony Baxter (key id: 0EDD C5F2 6A45 C816)
- Georg Brandl (key id: 0A5B 1018 3658 0288)
- Martin v. Löwis (key id: )
- Ronald Oussoren (key id: C9BE 28DE E6DF 025C)
- (key ids: , )
You can import a person's public keys from a public keyserver network server you trust by running a command like:
or, in many cases, public keys can also be found at . On the version-specific download pages, you should see a link to both the downloadable file and a detached signature file. To verify the authenticity of the download, grab both files and then run this command:
Note that you must use the name of the signature file, and you should use the one that's appropriate to the download you're verifying.
- (These instructions are geared to and Unix command-line users.)
(Updated for Azure Trusted Signing, which applies for all releases chronologically from 3.14.0a1)
The Windows installers and all binaries produced as part of each Python release are signed using an Authenticode signing certificate issued to the Python Software Foundation. This can be verified by viewing the properties of any executable file, looking at the Digital Signatures tab, and confirming the name of the signer. Our full certificate subject is and as of 14th October 2024 the certificate authority is . Our previous certificates were issued by DigiCert.
Note that some executables may not be signed, notably, the default command. These are not built as part of Python, but are included from third-party libraries. Files that are intended to be modified before use cannot be signed and so will not have a signature.
Installer packages for Python on macOS downloadable from python.org are signed with with an Apple Developer ID Installer certificate.
- As of Python 3.11.4 and 3.12.0b1 (2023-05-23), release installer packages are signed with certificates issued to the Python Software Foundation (Apple Developer ID BMM5U3QVKW)).
- Installer packages for previous releases were signed with certificates issued to Ned Deily (DJ3H93M7VJ).
- Looking for 3rd party Python modules? The has many of them.
- You can the standard documentation online, or you can it in HTML, Postscript, PDF and other formats. See the main page.
- Information on provided on python.org is available.
- Tip: even if you download a ready-made binary for your platform, it makes sense to also download the . This lets you browse the standard library (the subdirectory Lib) and the standard collections of demos (Demo) and tools (Tools) that come with it. There's a lot you can learn from the source!
- There is also a that the Emacsing Pythoneer might find useful. This includes major modes for editing Python, C, C++, Java, etc., Python debugger interfaces and more. Most packages are compatible with Emacs and XEmacs.