[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Lack of PGP signatures
-----BEGIN PGP SIGNED MESSAGE-----
On 5 Jul 1996, Clay Olbon II wrote:
> Mark,
>
> Of course you can use pgp to sign binaries. How else did the pgp binary
> itself get signed? You can either sign it in a separate file, or in the
> same file. PGP sorts it out for you.
>
> What do you use it for? Same reasons you sign text. "I signed this file"
> means that you vouch for it in some undefined way (maybe I wrote and
> compiled it, or somesuch).
I didn't say that binaries couldn't be signed. I said they couldn't be
*clear*-signed. There is a difference between clearsigning and creating a
signature certificate that is either concatenated with the data or written
to a separate file. If somebody who doesn't have PGP gets a file that is
signed by PGP, the file is completely useless to that person.
- -- Mark
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
[email protected] | finger -l for PGP key 0xe3bf2169
http://www.voicenet.com/~markm/ | d61734f2800486ae6f79bfeb70f95348
"Freedom is the freedom to say that two plus two make four. If that
is granted, all else follows." --George Orwell, _1984_
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3
Charset: noconv
iQCVAwUBMd1G47Zc+sv5siulAQEjvQQAg57AF6FAZbQ8EeOJ2CH9UCTDB5rfNl3B
e5OUIgLMHLnkix8xQchoTEXo0f4spBRjddUu5fy16nP5k9ZNiyKCAYOYZZeiR7n9
cG/reikrCbW02/kAlCJcdoNIsTFXuauf3qity+Co1x2afu0Nl/V4vwvaAzxyLHRK
tYECCec7pNY=
=iR57
-----END PGP SIGNATURE-----