
Different Keys for Signing and Encrypting



> unfortunately, you can't predict their behavior, and if you change
> encryption keys more often than signature keys, they'll load the
> newest encryption key last.

Actually, the most recently-added key will be the one that is
used. So updating your encryption key works fine, since the most
recent encryption key will be on top, and hence used first.

> For the problem that started this discussion, though, there's no good
> solution.  Since the Bad Guys _can_ encrypt a message to you with your
> signature key, and send it to you by anonymous remailer, they can
> plant a reason to suspect that you may have evidence encrypted with
> that key.

True. To get around this problem you need the concept of a two-key
certificate... However a rogue user could still use the signature
key to encrypt, so I'm not sure that even this would help the problem.

-derek