Meant to post this to the list. Blame gmail.
---------- Forwarded message ---------- From: Nicholas Cole <nicholas.c...@gmail.com> Date: Tue, Dec 4, 2012 at 7:10 PM Subject: Re: Seperate RSA subkeys for decryption and signing or one for both? To: Hubert Kario <h...@qbs.com.pl> > How do you propose an attacker could force me to sign data I already > encrypted? I think the attack merely specifies a chosen text - but at any rate, the point is that there might be a system (eg. a badly designed time-stamping service) that might naively sign data supplied by an attacker, and in those cases having a signing and encryption key that are the same would be a Bad Idea. Note, though, that PGP 2.6.3 did use the same key for both; the attack is a (mostly) theoretical one. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users