Standards are a well which we may all freely drink from, for inter-operability and extensibility. They provide a way for different vendors, with varied solutions for an issue, to interchange information. The analogy of true open standards to a public 'commons' is well-taken.

The end consumer of the information benefits from an ecology of competing implementations, striving to deliver more value, less expensively, or in a technically more advanced fashion. Or maybe with more shiny chrome.

In the proprietary world, one seeks to use 'standards' as just another marketing tool, to 'bully' end users into stampeding into hasty adoption of a possibly broken model. The glacial pace of development and consensus on 'true' public standards embodied in the IETF standards track, and related national standards bodies will almost always mean that such a standard will issue later, but permit broader and more reasonable inter-operability.

We are all familiar with the wry observation: The nice thing about 'standards' is that there are so many to choose between.

RFC 2440 defines a cryptographic signing infrastructure. First appearing in RPM-4.1, and using OpenPGP V3 packets is now implemented directly in RPM. The signature, if available, is always verified when reading a package, and failures are always reported.

JPackage Project has two primary goals:

To provide a coherent set of Java software packages for Linux, satisfying all quality requirement of other applications.
To establish an efficient and robust policy for Java software installation.

Your editor addresses the 'false standards' morass more here. See also the 'thought pieces' compiled at the Free Software Foundation philosophy page.