This question asks why do most signing schemes use SIGN(m) = m || Ekr(H(m))
instead of the SIGN(m) = Ekr(m || nonce)?
The options are because hashing m provides more security,
to improve efficiency, to make it so that it is not necessary to perform
asymmetric decryption to validate a certificate,
or to provide resistance to small message-space attacks.
