Why create offline main key without encryption capabilities

[vedaal at nym.hush.com]

On 6/1/2014 at 10:55 AM, "David Shaw" <dshaw at jabberwocky.com> wrote:

>One reason is that in some places there are legal issues around 
>this.  You can be legally required to give up your encryption key 
>to the authorities or suffer the consequences (arrest / jail / 
>etc).  The idea is that if you have a different encryption and 
>signing/certification key, you can easily give up the encryption 
>(sub)key without compromising your (much more valuable) main key.  
>At least that's the theory - I don't know offhand if this "I'll 
>give you this key, but not that one" trick has been tested in 
>practice, and if so, which legal jurisdiction it was tried in, and 
>whether it worked or not.  (I'd be curious to find out, if anyone 
>has any pointers).

=====

Am also not familiar with any legal tests or precedents,
but the following could hypothetically just as easily be argued:

" I don't have a separate key for decryption. I'm afraid that if I give you my key, 
you can backdate the computer time and forge something in my name.
My signature would no longer be trusted.
So, I'm willing to provide you with the session key for any message encrypted to my key, which, presumably, is all you are interested in, 
but would prefer not to give you my key itself."

(GnuPG, as well as allowing generation of signing subkeys, and encrypting subkeys, 
also allows generating a key with both signing and encrypting capabilities, and not adding  subkeys .  8^)   )


vedaal