ietf-openpgp

Re: Shortcomings of current schemes (Was: One-pass signatures)

1998-07-25 15:44:57
Bob could require/request his customers to prepare their messages in
two passes, the first one to clearsign them and the second one to
encrypt them.  Then when he processed the messages he could decrypt
and leave a clearsigned message, on which the signature could be
checked but the message left in clearsigned form.

We at NetAss have considered changing the default behavior of the
encrypt-and-sign option to behave in this manner (clearsign then encrypt).
Unfortunately, messages prepared in this way require users with current
client software to manually run two passes to decrypt and verify.
The need for backwards compatibility has prevented us from going forward
with this scheme.

We have had some discussion on OpenPGP of a flag, perhaps in the literal
packet, which would indicate that messages are in this form.  Perhaps a
future version will have a clean way of doing this.

Hal
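
The two-pass procedure described in the message above, as an added example that is not part of the original post: a customer clearsigns and then encrypts, and the recipient decrypts to a clearsigned file that still verifies on its own. It assumes GnuPG 2.1 or later; the keys, addresses and file names are constructed for the demonstration.

```shell
#!/bin/sh
# Added example: clearsign first, encrypt second.
# Keys, addresses and file names are constructed for this demo.
# Assumes GnuPG 2.1 or later; run_demo returns 2 when gpg is not installed.

g() { gpg --batch --quiet --yes --pinentry-mode loopback --passphrase '' "$@"; }

run_demo() {
    command -v gpg >/dev/null 2>&1 || return 2
    work=$(mktemp -d) || return 1
    GNUPGHOME="$work/keys"; export GNUPGHOME
    mkdir -m 700 "$GNUPGHOME"
    (
        cd "$work" || exit 1
        # One throwaway keyring holds both parties, for the demo only.
        g --quick-generate-key 'Customer <customer@example.test>' default default never || exit 1
        g --quick-generate-key 'Bob <bob@example.test>' default default never || exit 1
        printf 'Order 42: 3 widgets\n' > order.txt

        # Customer, pass 1: clearsign the message.
        g --local-user customer@example.test --output order.asc --clearsign order.txt || exit 1
        # Customer, pass 2: encrypt the clearsigned text to Bob.
        g --recipient bob@example.test --armor --output order.asc.gpg --encrypt order.asc || exit 1

        # Bob: decryption removes only the encryption layer.
        g --output received.asc --decrypt order.asc.gpg || exit 1
        head -n 1 received.asc | grep -q '^-----BEGIN PGP SIGNED MESSAGE-----' || exit 1

        # The stored plaintext verifies later without the ciphertext.
        g --verify received.asc 2>/dev/null || exit 1

        # A modified copy of the stored message must not verify.
        sed 's/3 widgets/9 widgets/' received.asc > tampered.asc
        if g --verify tampered.asc 2>/dev/null; then exit 1; fi
    )
    status=$?
    gpgconf --kill gpg-agent >/dev/null 2>&1
    rm -rf "$work"
    return "$status"
}

run_demo && echo "signature survived decryption; tampered copy rejected"
```

With current GnuPG the recipient still runs two commands (`--decrypt`, then `--verify`), which is the two-pass cost the message describes.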