I may be way off here, not sure exactly what you mean by 'digitally signed' as it relates to a cookie. You might want to take a look at CGI::Session. It will set a cookie on the client's browser with a long cryptic string which relates to a local file on the server which contains whatever serialized data you want to store with the session. That way when a subsequent http request comes in with that session's identity, you can access the data which has come in before on that 'session' and maintain 'state' across the requests.

'Digitally signed' suggests some sort of public-private key arrangement. `man ssh-keygen` will tell you more than you probably need to know about how to generate an encrypted key pair. You can use this tool to create keys for an encrypted web browser connection, or to permit password-less connections using the ssh protocol.

I've never heard of a 'digitally signed cookie' though. A google search on the quoted term turned up only nine hits, including two for your question. Google's spiders are quicker than my review of the newest nodes link, apparently.

-- Hugh