OpenPGP e-mail signing/encryption question

[Anton Markov]

Hello everyone,

A couple of nights ago I decided to look into how to sign/encrypt 
e-mails.  I figured out the Enigmail stuff, and got it installed and 
working fine with Mozilla Thunderbird (a great e-mail reader by the 
way).  I just have two questions:

Should I use the same key for encrypting and signing messages, or am I 
suppose to generate different ones for each purpose?  From what I 
understand (this is my first time looking into this issue) I give out my 
public key in order to receive encrypted messages.  However, I have to 
give out my private key in order to sign messages or something. This 
doesn't make sense to me (why give out both keys), so either I am wrong, 
or I don't know something.  Any clarification would be appreciated.

Also, which key server should I use to share my key? Should I upload it 
to several, or are they all synchronized like DNS servers?  Lastly, is 
it possible to change the key once it is sent (or at least the comment)?


I know this is a little off the Linux topic, but any help would be 
appreciated.

P.S. PGP is so much easier to set up in Linux vs. Windows!

Thanks in advance,


Anton

--
The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml