Certain types of cryptography may be used by application (e.g., computer program) vendors to sign application packages prior to distribution. An application vendor may sign an application package using a private key and the signed application package may then be distributed along with the vendor's public key. It may be difficult for a user of the application package to verify the authenticity of the public key distributed with the application package, among other things.