Do You Code Sign?

Lately Saqib Ali asked on SlashDot: "I am a regular reader of Bruce Schneier's Blog, Articles, and Books, and I really like what he writes. However I recently read his book titled 'Secret and Lies' and I think he has done some in-justice to the security provided by the 'Code Signing'. On page 163 of his books, he (Bruce Schneier) basically states that: 'Code signing, as it is currently done, sucks'. Even though I think that Code Signing has its flaws, it does provide a fairly good mechanism for increasing security in an organization."

What are your thoughts on the current methods of code-signing in existance, today? If you feel like Bruce Schneier, how would you fix it? If you feel like Saqib Ali, what have you signed and how well has it worked?

Read more about it on SlashDot