Mark M. <markm@voicenet.com> wrote:
I didn't say that binaries couldn't be signed. I said they couldn't be *clear*-signed. There is a difference between clearsigning and creating a signature certificate that is either concatenated with the data or written to a separate file. If somebody who doesn't have PGP gets a file that is signed by PGP, the file is completely useless to that person.
My mistake. I guess I still don't understand your point however. Of what use is a signature on a file to someone who cannot check its validity? It seems to me that a separate signature file for a binary would serve the same purpose ("gee, it LOOKS like somebody signed it"). Clay *************************************************************************** Clay Olbon II * Clay.Olbon@dynetics.com Systems Engineer * PGP262 public key on web page Dynetics, Inc. * http://www.msen.com/~olbon/olbon.html ***************************************************************** TANSTAAFL