signingonly

Signingonly refers to a mode or policy in which data is digitally signed to provide integrity and authenticity, but not encrypted to provide confidentiality. In this approach, a private key is used to generate a signature that can be verified with a corresponding public key, allowing recipients to confirm origin and integrity without hiding the content from observers.

In practice, signingonly can be implemented by configuring cryptographic libraries, hardware security modules, or key policies

Common applications include email signing (such as S/MIME or PGP) where messages are signed to prove authorship

Security considerations include the fact that signingonly does not provide confidentiality; anyone with access to the

See also digital signature, code signing, S/MIME, PGP, JSON Web Signatures, PKI, HMAC, and API signing.