Don't see how signing a doc thru code is any less secure.

You still need a certificate, just using code to remove the grunt work
of signing individual docs.

For example, see signcode.exe. It's a command line tool that allows
signing code (dlls, exe, etc). This could easily be automated if one
was
so inclined.

Wonder why there is no comparable tool for signing other files, incl
..doc?