-The signature file (a gray image) is GPG encrypted file using a
-symmetric cipher. The passphrase is "weakpassword" (without
-quotes). You will want to customize this. For this file, you will also
-need GPG installed in the system.
+
+Encrypted signatures files
+===========================
+
+If you'd like, you can encrypt the signature file. There are several
+lines you in the Makefile you can uncomment to do this. We've included
+an optional encrypted copy of the fake signature file. To use it, the
+passphrase is "weakpassword" (without quotes). You will want to
+customize this. To use this, you will also need the GNU Privacy Guard
+(GPG) installed on your system.