Most kits included on the OpenVMS Version 8.3 distribution
media are signed using Secure Delivery.
Most of the software kits included on the distribution media
are now signed using Secure Delivery. A notable exception is the
OpenVMS operating system, which is not signed because it is shipped
in bootable form rather than as a signed, single file kit.
For OpenVMS I64, when you install or upgrade the operating
system by booting from the distribution media, layered products
that have been signed are validated by the PCSI utility with the
aid of a digital signature file (also referred to as a manifest).
Validation involves using the Secure Delivery component of CDSA
to authenticate the originator of the product kit and to verify
For OpenVMS Alpha, layered product validation is not performed
initially when installing or upgrading from the distribution media
(CD). This restriction is due to space limitations of the OpenVMS
Alpha distribution CD, which prevents CDSA from being present in
usable form while booted from the CD. However, after installing
or upgrading OpenVMS to Version 8.3, any signed kits that you install subsequently
are validated, including signed kits that ship on the distribution
In addition, on both OpenVMS Alpha and OpenVMS I64 systems,
the DCL command PRODUCT SHOW HISTORY displays the validation status
of installed products and identifies those that were installed from
unsigned kits or were installed prior to the availability of the
Secure Delivery functionality.