Steve,
I agree that PEM would be more flexible with regard to key
management and signature algorithms if it supported the option for
separate signature and key exchange keys, and thus the possibility
for separate (or combined) certificate for each. However, I don't
think that having a user certify his key exchange key is
necessarily the best approach to doing this (one should carefully
examine the implications for certificate validation semantics) and
I am convinced that there are real modifications to the PEM message
format and processing semantics that would be required to do this.
Let's not go off thinking this is a simple change, the way
PEM-MIME integration was originally perceived.
Steve