Clearsigning is adding a digital signature to a text message so it can be read without PGP decryption. Clearsigning can not be used with binary or HTML, only straight ASCII text. The output, although readable to humans, is not a text file. The output is a signed PGP file which happens to be readable with a text reader like Notepad.

Why would someone use clearsigning? You can send an open message to someone (or a group), but the signature can be checked to authenticate the message.


C-Dawg had a few questions concerning why I was making a specific point that it is a PGP vice text file. When you check the file, you check the entire message. If you just check the signature, it will be valid yet may have a changed message. By using a clear-text readable PGP file, you can be sure that the whole item is verified.

Log in or register to write something here or to contact authors.