Lack of PGP signatures

Clay Olbon II Clay.Olbon at dynetics.com
Fri Jul 5 12:03:36 PDT 1996


>It is not possible to clear-sign binaries with PGP.  The point of clear-
>signing
>is to have signed text that is readable to people who don't have the
>software
>necessary to process the text.  It would make sense to clearsign a file
that
>is base64'ed or uuencoded, which wouldn't alter the contents of the file. 
I
>can't see how such an option would be harmful, except that it might lose
>some
>characters that are important to the context of the message.
>

Mark,

Of course you can use pgp to sign binaries.  How else did the pgp binary
itself get signed?  You can either sign it in a separate file, or in the
same file.  PGP sorts it out for you.  

What do you use it for?  Same reasons you sign text.  "I signed this file"
means that you vouch for it in some undefined way (maybe I wrote and
compiled it, or somesuch).  

	Clay

***************************************************************************
Clay Olbon II       *      Clay.Olbon at dynetics.com
Systems Engineer    *    PGP262 public key on web page
Dynetics, Inc.      * http://www.msen.com/~olbon/olbon.html
***************************************************************** TANSTAAFL







More information about the cypherpunks-legacy mailing list