Digitally signing files
When you want to digitally sign a file, you can either make an embedded signature or a detached signature. The disadvantage of the embedded signature is that the original format is mangled. You have to "unpack" the file to another file (the process of verification does this) to be able to use it. Not very convenient. Detached signature preserves the original format, but stores the signature in a separate file. Unless you have a convention and hold firmly to it, you will have problems with pairing up signatures and their corresponding files. Modern filesystems open up a third possibility: a signature can be placed into a file's extended attribute. This solves both problems: the file's original format is preserved, and the signature is still attached to the file.