[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Lack of PGP signatures

To: "Mark M." <[email protected]>
Subject: Re: Lack of PGP signatures
From: "Clay Olbon II" <[email protected]>
Date: 5 Jul 96 11:22:51 -0400
Cc: [email protected]
Sender: [email protected]

>It is not possible to clear-sign binaries with PGP.  The point of clear-
>signing
>is to have signed text that is readable to people who don't have the
>software
>necessary to process the text.  It would make sense to clearsign a file
that
>is base64'ed or uuencoded, which wouldn't alter the contents of the file. 
I
>can't see how such an option would be harmful, except that it might lose
>some
>characters that are important to the context of the message.
>

Mark,

Of course you can use pgp to sign binaries.  How else did the pgp binary
itself get signed?  You can either sign it in a separate file, or in the
same file.  PGP sorts it out for you.  

What do you use it for?  Same reasons you sign text.  "I signed this file"
means that you vouch for it in some undefined way (maybe I wrote and
compiled it, or somesuch).  

	Clay

***************************************************************************
Clay Olbon II       *      [email protected]
Systems Engineer    *    PGP262 public key on web page
Dynetics, Inc.      * http://www.msen.com/~olbon/olbon.html
***************************************************************** TANSTAAFL

Follow-Ups:
- Re: Lack of PGP signatures
  - From: "Mark M." <[email protected]>

Prev by Date: Re: SAFE forum -- remarks of Herb Lin
Next by Date: Re: CWD -- Jacking in from the "Keys to the Kingdom" Port
Prev by thread: Re: Lack of PGP signatures
Next by thread: Re: Lack of PGP signatures
Index(es):
- Date
- Thread