1996-07-05 - Re: Lack of PGP signatures

Header Data

From: “Clay Olbon II” <Clay.Olbon@dynetics.com>
To: “Mark M.” <markm@voicenet.com>
Message Hash: 2c8ac0a3bd3962ddc61f2872718a099a8f5bb5a038937cd4fa253e1553a33f4e
Message ID: <AE02AB9A-EDB96@193.239.225.200>
Reply To: N/A
UTC Datetime: 1996-07-05 19:03:36 UTC
Raw Date: Sat, 6 Jul 1996 03:03:36 +0800

Raw message

From: "Clay Olbon II" <Clay.Olbon@dynetics.com>
Date: Sat, 6 Jul 1996 03:03:36 +0800
To: "Mark M." <markm@voicenet.com>
Subject: Re: Lack of PGP signatures
Message-ID: <AE02AB9A-EDB96@193.239.225.200>
MIME-Version: 1.0
Content-Type: text/plain


>It is not possible to clear-sign binaries with PGP.  The point of clear-
>signing
>is to have signed text that is readable to people who don't have the
>software
>necessary to process the text.  It would make sense to clearsign a file
that
>is base64'ed or uuencoded, which wouldn't alter the contents of the file. 
I
>can't see how such an option would be harmful, except that it might lose
>some
>characters that are important to the context of the message.
>

Mark,

Of course you can use pgp to sign binaries.  How else did the pgp binary
itself get signed?  You can either sign it in a separate file, or in the
same file.  PGP sorts it out for you.  

What do you use it for?  Same reasons you sign text.  "I signed this file"
means that you vouch for it in some undefined way (maybe I wrote and
compiled it, or somesuch).  

	Clay

***************************************************************************
Clay Olbon II       *      Clay.Olbon@dynetics.com
Systems Engineer    *    PGP262 public key on web page
Dynetics, Inc.      * http://www.msen.com/~olbon/olbon.html
***************************************************************** TANSTAAFL






Thread