http://slashdot.org/article.pl?sid=04/08/12/2051219&tid=172If you embed a signature of the file into the file, doesn't this by definition change the file's signature?
I would still recommend publishing a separate public key, however,and include an encrypted signature in the program. As you say, it canalways be changed and re-encoded.
On the other hand, this might be useful on a server, byencoding a public key and checker on a CD-R and checking all yourprograms periodically against the CD-R key. You could encode signaturesin each program and be able to upgrade programs from a central encodingserver without having to write a new cd each time.
I have no idea what you just said. :)
I don't either, which is why I posted it -- a digital sticky note to refer to later.It's a quote from a Slashdot article.
Post a Comment