By specifying the SIGN option, you can build a digital signature for a program object.
SIGN={NO | YES}
The default is NO.
If SIGN or SIGN=YES is specified, the binder builds a digital signature in the program object. The bound program object contains a signature information structure that the loader (or other programs) can use to determine the signature validity. This signature is used by the system only if the program object resides in a PDSE. To build the signature, the binder must have access to an appropriate SAF (RACF®) key ring or to a z/OS® PKCS #11 token. For further information, see z/OS Security Server RACF Security Administrator's Guide.