Inline Key Distribution Means placing the key along side the archive (on the server) Temptation for client to grab key there Attack: compromise binary, upload fake key which verifies Notable abusers: OpenSSH portable, SSH Communications, Cyrus, Gnuplot