- How to create the three keypairs and give the private keys of the multisig addresses to three different Escrow agents in such a way that the private keys are not revealed to anyone (even the creator)?
The private keys have to be known by the 3 escrow agents. The link stated only serves as an example as to how that specific multisig address was generated. In reality, the multisig address is created by using the public keys of the addresses belonging to the 3 escrow agents.
- What's the best cold storage method, with pros and cons? (i.e. HW wallets: if the period T is relatively long, new firmware may be released to patch vulnerabilities. An update process needs to be defined)
Hardware wallets may have some difficulty signing raw transactions for multisig transactions depending on the hardware itself. You have to choose a wallet which allows you to sign and broadcast raw transactions.
You don't really need to have 3 escrow agents. Multisig works perfectly with one escrow agent and both Alice and Bob hold a key each. For that multisig setup, it would be a 2-of-3 multisig and 2 parties would be needed for the funds to be released (Alice/Bob, Alice/Escrow or Bob/Escrow). It would still be safe since either both parties have to agree to release the funds or the escrow has to agree with one of the parties.
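An added example, not part of the original post: it builds a 2-of-3 multisig script and its address from three public keys alone, so no private key ever leaves its holder, and lists the signer pairs that can release funds. The P2WSH (bech32) encoding, the function names and the sample keys are assumptions chosen for illustration.

```python
import hashlib
from itertools import combinations

CHARSET = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"
GEN = (0x3b6a57b2, 0x26508e6d, 0x1ea119fa, 0x3d4233dd, 0x2a1462b3)

def _polymod(values):
    chk = 1
    for v in values:
        top = chk >> 25
        chk = ((chk & 0x1ffffff) << 5) ^ v
        for i in range(5):
            if (top >> i) & 1:
                chk ^= GEN[i]
    return chk

def segwit_v0_address(program, hrp="bc"):
    """Bech32 (BIP173) address for a witness version 0 program."""
    n, bits = int.from_bytes(program, "big"), len(program) * 8
    pad = -bits % 5  # right-pad with zero bits to a multiple of 5
    data = [0] + [((n << pad) >> s) & 31 for s in range(bits + pad - 5, -1, -5)]
    expanded = [ord(c) >> 5 for c in hrp] + [0] + [ord(c) & 31 for c in hrp]
    pm = _polymod(expanded + data + [0] * 6) ^ 1
    data += [(pm >> 5 * (5 - i)) & 31 for i in range(6)]
    return hrp + "1" + "".join(CHARSET[d] for d in data)

def multisig_2of3(pubkeys_hex):
    """Witness script and P2WSH address derived from public keys only."""
    # Sorting (as in BIP67) gives every party the same address for the same keys.
    keys = sorted({bytes.fromhex(k) for k in pubkeys_hex})
    if len(keys) != 3 or any(len(k) != 33 or k[0] not in (2, 3) for k in keys):
        raise ValueError("need three distinct compressed public keys")
    # OP_2 <pk> <pk> <pk> OP_3 OP_CHECKMULTISIG; 0x21 pushes 33 bytes
    script = b"\x52" + b"".join(b"\x21" + k for k in keys) + b"\x53\xae"
    return script, segwit_v0_address(hashlib.sha256(script).digest())

def release_quorums(parties, m=2):
    """Every set of m parties whose signatures together can spend."""
    return [set(c) for c in combinations(parties, m)]

# Constructed placeholder keys: correct length and prefix only, not checked
# to be curve points. Never send funds to the resulting address.
SAMPLE_KEYS = ["02" + "11" * 32, "03" + "22" * 32, "02" + "33" * 32]

if __name__ == "__main__":
    script, address = multisig_2of3(SAMPLE_KEYS)
    print(script.hex(), address, sep="\n")
    print(release_quorums(["Alice", "Bob", "Escrow"]))
```

Each party generates a keypair on their own device and shares only the public key; anyone can then recompute the address and confirm it matches before funding it.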