[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Different Keys for Signing and Encrypting
> unfortunately, you can't predict their behavior, and if you change
> encryption keys more often than signature keys, they'll load the
> newest encryption key last.
Actually, the most recently-added key will be the one that is
used.. So updating your encryption key works fine, since the most
recent encryption key will be on top, and hense used first.
> For the problem that started this discussion, though, there's no good
> solution. Since the Bad Guys _can_ encrypt a message to you with your
> signature key, and send it to you by anonymous remailer, they can
> plant a reason to suspect that you may have evidence encrypted with
> that key.
True.. To get around this problem you need the concept of a two-key
certificate... However a rogue user could still use the signature
key to encrypt, so I'm not sure that even this would help the problem.