Q. about difference between -sign and -clearsign

Anthony E. Greene agreene@pobox.com
Wed Feb 26 18:07:02 2003


Alessio Dessi wrote:
> On mer, 2003-02-26 at 15:59, Anthony E. Greene wrote:
> 
>>darren chamberlain wrote:
>>
>>>The output of --sign is a file containing the only signature, while
>>>clearsigning combines the file and the signature.
>>
>>Not quite. Both options create a file that contains both the signed data 
>>and the signature. You may be thinking of --detach-sign.
>>
>>The only difference between --sign and --clearsign is whether the output 
>>is human-readable.
>>
> 
> You mean that -sign give a binary sign ? and -clearsign an ASCII sign ?

No.  --sign creates data+signature that is not human readable. The output 
may be binary, or it may be ASCII armor (--armor or -a option). In either 
case, you cannot read the data until it is processed by OpenPGP. The data 
is not human-redable.

--clearsign create data+signature where the data remains human readable. 
You need OpenPGP to verify the sig, but if you just need to read the text, 
you do not need any special software. The data is human-readable.

Both calculate the signature the same way. The difference is in the 
*output format*.

Tony
-- 
Anthony E. Greene <mailto:Anthony%20E.%20Greene%20%3Cagreene@pobox.com%3E>
OpenPGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 239D
AOL/Yahoo Chat: TonyG05   HomePage: <http://www.pobox.com/~agreene/>
Linux. The choice of a GNU generation. <http://www.linux.org/>