Problem
You want to sign a file digitally, but have the signature reside in a separate file
Solution:-
To create a binary format detached signature, myfile.sig :-
gpg --detach-sign myfile
To create an ASCII format detached signature, myfile.asc:-
gpg --detach-sign -a myfile
Discussion:-
A detached signature is placed into a file by itself, not inside the file it represents. Detached signatures are commonly used to validate sw distributed in compressed tar files , ex., myprogram.tar.gz. You can't sign such a file internally without altering its contents, so the signature is created in a separate file such as myprogram.tar.gz.sig
No comments:
Post a Comment