[Avamander]

LE for domain-validated code signing would be good as well. Knowing an executable came from a trusted domain even if it was mirrored or rehosted sounds nice.