by devit
3911 days ago
Isn't it enough to automatically change the public key used to encrypt messages sent to you periodically, signing the updates with your own master key (where the master key is only to be used for signing, not decryption)? When you change the public encryption key, you decrypt all messages received under the old key, re-encrypt with a local key, and destroy the private decryption key. This way, someone getting your private encryption key cannot decrypt intercepted ciphertext he got before your last key change. Obviously it requires changing PGP to get a new signed encryption key every time (unless there's some extension that already does it?)
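The rotation scheme described in the comment above, sketched as an added example (not part of the original comment and not PGP code). It assumes an Ed25519 sign-only master key and RSA-OAEP applied directly to a short message instead of a wrapped session key; the type and function names are hypothetical, and re-encrypting old mail under a local key before rotating is left out.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"fmt"
)

// Recipient (hypothetical name, added example): sign-only master key plus the current decryption key.
type Recipient struct {
	Master ed25519.PrivateKey
	enc    *rsa.PrivateKey
}

// Rotate generates a new encryption key pair and signs its public half with the master key.
func (r *Recipient) Rotate() (*rsa.PublicKey, []byte, error) {
	enc, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, nil, err
	}
	r.enc = enc // the reference to the previous private key is dropped here
	return &enc.PublicKey, ed25519.Sign(r.Master, x509.MarshalPKCS1PublicKey(&enc.PublicKey)), nil
}

// Encrypt is the sender side: it rejects any key update the master key did not sign.
func Encrypt(masterPub ed25519.PublicKey, pub *rsa.PublicKey, sig, msg []byte) ([]byte, error) {
	if !ed25519.Verify(masterPub, x509.MarshalPKCS1PublicKey(pub), sig) {
		return nil, fmt.Errorf("encryption key update not signed by master key")
	}
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, msg, nil)
}

// Decrypt succeeds only for ciphertext addressed to the key the recipient still holds.
func (r *Recipient) Decrypt(ct []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), nil, r.enc, ct, nil)
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	r := &Recipient{Master: priv}
	k1, s1, _ := r.Rotate()
	old, _ := Encrypt(pub, k1, s1, []byte("sent under key 1")) // constructed sample message
	r.Rotate()                                                 // old private key is gone from here on
	_, err := r.Decrypt(old)
	fmt.Println("old ciphertext after rotation:", err)
}
```

Dropping the Go reference does not wipe the old key from memory or from any backup, so a real implementation also has to erase the stored private key material.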