I do not think that PGP 2.x can easily (i.e., Automatically) use one key for Signing and another for Encrypting a Message (it does both at the same time if you ask). If I "Clear Sign" a message and then Encrypt it, then I get the result, but I'm not sure if doing the decrypt on such a message will automatically spot the signature and verify it (as would occur with an E+S pass).
Sure it can, and I know people who do. Here is what you do:

1) Generate two keys. First generate your encryption key, then generate your signature key. This way, your signature key will be placed first in your secret keyring, and it will be used by default. Alternatively, you could use two (slightly) different userIDs on the keys and put something in your config.txt.

2) Extract the keys in reverse order into a single keyfile and then distribute that keyfile to people. This way, when it gets added to other people's keyrings, the encryption key will be placed first, and that will be used by default.

3) Proceed to use PGP normally. When you sign a message, it will find the signature key first and use that. When someone wants to encrypt to you, they will find the encryption key first. When verifying the signature or trying to decrypt the message, it uses the keyID to determine which key was used, so order does not matter.

The only problem is that if someone re-orders their keyring then this will no longer work. E.g., if the keys are added in the wrong order.

-derek
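
The ordering dependency in the reply above, as an added Python model (not part of the original post and not PGP's code). The key IDs, userID and the rule that a newly added key goes to the front of the ring are assumptions made for illustration, the last inferred from step 1.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Key:
    key_id: str   # constructed sample value
    user_id: str
    role: str     # owner's intended use: "sign" or "encrypt"

UID = "Alice Example <alice@example.org>"   # constructed
ENCR = Key("0xBBBB0002", UID, "encrypt")
SIGN = Key("0xAAAA0001", UID, "sign")

def add_key(ring, key):
    """Assumption inferred from step 1: a newly added key goes to the front."""
    return [key] + [k for k in ring if k.key_id != key.key_id]

def import_keyfile(ring, keyfile):
    """Add the keys of a keyfile one at a time, in file order."""
    for key in keyfile:
        ring = add_key(ring, key)
    return ring

def default_key(ring, uid_part):
    """Default selection by userID: the first match in ring order wins."""
    return next((k for k in ring if uid_part.lower() in k.user_id.lower()), None)

def key_by_id(ring, key_id):
    """Verify/decrypt path: the keyID in the message picks the key, any order."""
    return next((k for k in ring if k.key_id == key_id), None)

def encrypts_to_intended_key(pubring, uid_part):
    """Check a correspondent's ring: is the default match the encryption key?"""
    key = default_key(pubring, uid_part)
    return key is not None and key.role == "encrypt"

# Step 1: generate the encryption key, then the signature key.
secring = import_keyfile([], [ENCR, SIGN])
# Step 2: keyfile ordered so the encryption key is added last.
good_pubring = import_keyfile([], [SIGN, ENCR])
# Failure case from the post: keys added in the wrong order.
bad_pubring = import_keyfile([], [ENCR, SIGN])

if __name__ == "__main__":
    print("sign with:", default_key(secring, "alice").role)
    print("good ring ok:", encrypts_to_intended_key(good_pubring, "alice"))
    print("bad ring ok:", encrypts_to_intended_key(bad_pubring, "alice"))
    print("keyID lookup:", key_by_id(bad_pubring, SIGN.key_id).role)
```

In the re-ordered ring the keyID lookup still finds the right key, but the default userID match selects the signature key for encryption, so the separation of the two keys is lost without any error being raised.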