The particular heavy use of the KEK that Russ cited is a side effect of the
mailing list key management approach adopted by MSP, and later by S/MIME.
It is driven by a strong desire to NOT distribute KEKs more frequently, or
on a piecemeal basis, because of the costs of doing so. So, in this case,
I think we just have to live with this as a problem constraint for the
S/MIME environment. However, I agree that there may be lots of better ways
to go after the KEK in these instances, givens its widespread distribution.