Another thing is, if you are going to combine signing and encryption, you should sign a plaintext message first, then encrypt it. It avoids this problem:

- -----BEGIN PGP MESSAGE-----
- -----END PGP MESSAGE-----

See the dash and space at the beginning of those lines? The recipient has to manually remove them in order to decrypt the message, and that's a pain in the ass, especially for a vendor who deals with dozens of encrypted messages a day.
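The dash-and-space prefix described above is the dash-escaping that OpenPGP clearsigning (RFC 4880, section 7.1) applies to every line that starts with a dash, which is why clearsigning an already armored ciphertext mangles its BEGIN/END lines. The Python sketch below is an added example, not part of the original text; the function names and the sample message are constructed for illustration, and it reproduces the framing only, without computing or verifying any signature.

```python
# Added example: RFC 4880 section 7.1 dash-escaping, as seen when an already
# encrypted (ASCII-armored) message is clearsigned afterwards.

SIGNED_HEADER = "-----BEGIN PGP SIGNED MESSAGE-----"
SIG_BEGIN = "-----BEGIN PGP SIGNATURE-----"
SIG_END = "-----END PGP SIGNATURE-----"

# Constructed sample: the body is a placeholder, not real ciphertext.
INNER = "\n".join([
    "-----BEGIN PGP MESSAGE-----",
    "",
    "(constructed placeholder, not real ciphertext)",
    "-----END PGP MESSAGE-----",
])

def dash_escape(text):
    """Clearsign framing: any line starting with '-' gets a '- ' prefix."""
    return "\n".join("- " + ln if ln.startswith("-") else ln
                     for ln in text.split("\n"))

def dash_unescape(text):
    """Reverse of dash_escape: strip a leading '- ' from each line."""
    return "\n".join(ln[2:] if ln.startswith("- ") else ln
                     for ln in text.split("\n"))

def frame_clearsigned(text, sig_placeholder="CONSTRUCTED-SIGNATURE"):
    """Build the clearsign framing only; no real signature is computed."""
    return "\n".join([SIGNED_HEADER, "Hash: SHA256", "",
                      dash_escape(text), SIG_BEGIN, "", sig_placeholder, SIG_END])

def extract_body(clearsigned):
    """Recover the signed text. This does NOT verify the signature."""
    lines = clearsigned.split("\n")
    i = lines.index(SIGNED_HEADER) + 1
    while lines[i].strip():          # skip 'Hash:' armor headers
        i += 1
    # Escaped body lines can never equal SIG_BEGIN, so the first match is real.
    end = lines.index(SIG_BEGIN, i)
    return dash_unescape("\n".join(lines[i + 1:end]))

if __name__ == "__main__":
    wrapped = frame_clearsigned(INNER)
    print(wrapped)                   # armor lines now start with "- -----"
    print(extract_body(wrapped))     # original armor, ready for decryption
```

Signing the plaintext first and encrypting the result leaves a single, unescaped PGP MESSAGE armor on the outside, so the recipient needs no unescaping step at all.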