At 23:50 8/30/95, MONTY HARDER wrote:
I recommend that anyone who will be using escrowed keys generate two pairs: First, the signature key, including in the userid some kind of [sig use] identifier (we should settle on a standard abbreviation for this) follower by the encryption key. This way, when a person gets your pubkeys, they get the encryption key =last=, which gets it searched first whenever they PGP -e... something.
Whatever arrangements are made for escrowing my encryption key, =nobody= gets my signature key. If I am fired, quit, become brain damaged or dead, my key can never be used by anyone to implicate me in any criminal activity.
Please don't mention to anyone the fact that my signature key can be used to send me something that even the escrow agents can't read....
I do not think that PGP 2.x can easily (ie: Automatically) use one key for Signing and another for Encrypting a Message (it does both at the same time if you ask). If I "Clear Sign" a message and then Encrypt it, then I get the result but I'm not sure if doing the decrypt on such a message will automatically spot the signature and verify it (as would occur with a E+S pass). PGP3 is supposed to have the ability to have keysets that contain two keys for this purpose (ie: When you generate a key set you can ask it to generate separate Sign and Encrypt keys so that separate keys get used for each function).