On 24 aug 2009, at 11.53, Patrik Wallstrom wrote: > Perhaps the chain always would be like this instead: unsigned -> > (audit) -> signed. Then you always know the process. I agree, but in this case the auditor never has to run as a daemon, right? jakob