blymn@baea.com.au (Brett Lymn) writes:

> Only that it stops the execution of any unsigned binary.  There is
> nothing to stop a person, given the correct permissions, running any
> binary they want - even one they have downloaded into, say, /tmp.  By
> using signing you can have a mechanism that can detect such a binary
> and not run it.

Without a cool public key system, where NetBSD Foundation, Inc
binaries could be signed and distributed (and presumably trusted) I
don't know why, other than for experimentation, this would be used...

--Michael