From: Derek Atkins <warlord@MIT.EDU>
Date: Fri, 1 Sep 95 14:14:53 PDT
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Different Keys for Signing and Encrypting
In-Reply-To: <199509011912.MAA29475@ix8.ix.netcom.com>
Message-ID: <9509012114.AA00959@m37-332-6.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain


> unfortunately, you can't predict their behavior, and if you change
> encryption keys more often than signature keys, they'll load the
> newest encryption key last.

Actually, the most recently-added key will be the one that is
used.. So updating your encryption key works fine, since the most
recent encryption key will be on top, and hense used first.

> For the problem that started this discussion, though, there's no good
> solution.  Since the Bad Guys _can_ encrypt a message to you with your
> signature key, and send it to you by anonymous remailer, they can
> plant a reason to suspect that you may have evidence encrypted with
> that key.

True.. To get around this problem you need the concept of a two-key
certificate... However a rogue user could still use the signature
key to encrypt, so I'm not sure that even this would help the problem.

-derek