diff --git a/lib/chibi/snow/commands.scm b/lib/chibi/snow/commands.scm
index 20961924..c8958696 100644
--- a/lib/chibi/snow/commands.scm
+++ b/lib/chibi/snow/commands.scm
@@ -779,7 +779,7 @@
                        (call-with-input-file package port->bytevector)
                        package))
          (snowball (maybe-gunzip raw-data))
-         (digest (digest-func snowball))
+         (digest (delay (digest-func snowball)))
          (keys (call-with-input-file
                    (or (conf-get cfg 'key-file)
                        (string-append (conf-get-snow-dir cfg) "/priv-key.scm"))
@@ -787,25 +787,29 @@
          (email (or (conf-get cfg 'email)
                     (assoc-get (car keys) 'email)))
          (rsa-key-sexp (find (rsa-identity=? email) keys))
-         (rsa-key (extract-rsa-private-key rsa-key-sexp)))
+         (rsa-key (extract-rsa-private-key rsa-key-sexp))
+         (use-rsa? (and rsa-key (conf-get cfg 'sign-uploads?))))
     (append
      `(signature
        (email ,email))
-     (if (and rsa-key (conf-get cfg 'sign-uploads?))
+     (if (or use-rsa?
+             (not (conf-get cfg 'skip-digest?)))
+         `((digest ,digest-name)
+           (,digest-name ,(force digest)))
+         '())
+     (if use-rsa?
          (let* ((sig (fast-eval
                       `(rsa-sign (make-rsa-key ,(rsa-key-bits rsa-key)
                                                ,(rsa-key-n rsa-key)
                                                #f
                                                ,(rsa-key-d rsa-key))
                                  ;;,(hex-string->integer digest)
-                                 ,(hex-string->bytevector digest))
+                                 ,(hex-string->bytevector (force digest)))
                       '((chibi crypto rsa))))
                 (hex-sig (if (bytevector? sig)
                              (bytevector->hex-string sig)
                              (integer->hex-string sig))))
-           `((digest ,digest-name)
-             (,digest-name ,digest)
-             (rsa ,hex-sig)))
+           `((rsa ,hex-sig)))
          '()))))
 
 (define (command/sign cfg spec package)
diff --git a/lib/chibi/snow/commands.sld b/lib/chibi/snow/commands.sld
index f8134bc4..169f2419 100644
--- a/lib/chibi/snow/commands.sld
+++ b/lib/chibi/snow/commands.sld
@@ -19,6 +19,7 @@
           (scheme char)
           (scheme eval)
           (scheme file)
+          (scheme lazy)
           (scheme load)
           (scheme process-context)
           (scheme time)
diff --git a/tools/snow-chibi b/tools/snow-chibi
index 1b9e43bd..34595703 100755
--- a/tools/snow-chibi
+++ b/tools/snow-chibi
@@ -62,8 +62,10 @@
     (ignore-signature? boolean ("ignore-sig" "ignore-signature")
                        "don't verify package signatures")
     (ignore-digest? boolean ("ignore-digest") "don't verify package checksums")
+    (skip-digest? boolean ("skip-digest") "don't provide digests without rsa")
     (skip-version-checks? boolean ("skip-version-checks")
                           "don't verify implementation versions")
+    (sign-uploads? boolean ("sign-uploads") "sign with the rsa key if present")
     (host string "base uri of snow repository")
     (repository-uri string "uri of snow repository file")
     (local-root-repository dirname "repository cache dir for root")