----------------
Confidentiality:
----------------
 - sender writes email msg
 - sender creates new random session key
 - sender encrypts email msg with new random session key
 - sender encrypts new random session key with receiver's public key

Convention for expressing encryption of data D under key K: 

	E( K, D )

Convention for expressing concatenation:	||

-----------------------
Encryption + Signature:
-----------------------
 - sender creates msg M
 - sender takes hash of msg M: 

	h = Hash(M)

 - sender signs h using his private key:	

	S = Sign( sender_privKey, Hash(M) )

 - sender generates new, random session key K

 - sender encrypts (using new random session key):  M || S

	C = E( K, M || S )

 - sender encrypts K (using recipient's pub key):

        C' = E( recip_pubKey, K )

 - sender sends:

        C' || C

        E( recip_pubKey, K ) || E( K, M || S )

 - recipient
  
   (a) decrypts session key K via:	

	D( recip_privKey, E( recip_pubKey, K ) )

       to obtain K

   (b) decrypts the message using K

        D( K, E( K, M || S ) )

       so now has M and the signature S

   (c) takes the hash of M and validates the sig S

       Verify( sender_pubKey, Sign( sender_privKey, Hash(M) ) )

This is most similar to the SSL construction which performs:

 A = HMAC( k1, M )

 C = E( k2, M || A )

then sends C.

-----
Refs:
-----
(1) RFC 2440, OpenPGP Message Format

 http://www.ietf.org/rfc/rfc2440.txt

(2)