BS> For the problem that started this discussion, though, there's no good solution. BS> Since the Bad Guys _can_ encrypt a message to you with your signature key, BS> and send it to you by anonymous remailer, they can plant a reason to suspect BS> that you may have evidence encrypted with that key. You've got it backwards. The problem that I originally posited was a corrupt key escrow agent using my signature key to forge a document. The fact that my signature pubkey could be used to encrypt messages to me is not particularly relevant. My employer could set up filters to keep me from recieving email on company time that is not encrypted to a key that the corporate escrow authority has in its possession. NBD. My concern here is with the NGACK situation. Companies have valid reasons to want escrow for their own purposes. I'm just warning people not to accept a signature key being escrowed by =anyone=. When you create a key to be escrowed, make sure the userid includes something like [Not Valid For Signatures]. * Pro Choice on Abortion. * No choice on Education. * Huh? --- * Monster@FAmend.Com *