Plain and simple with or without CMR if the government is going to pass
laws requiring that all messages be encrypted with a government key then
you are f**ked, plain and simple. CMR is not required for them to do it,
plain old PGP 2.6 will work just as well. If they are going to start
passing draconian laws in regards to encryption nothing done here will be
of any importance as they will outlaw anything that does not conform
(volentary GAK will never work and they know it).
The WHOLE POINT is that we don't want to make it any easier for any
government to impose such laws. If CMR becomes widespread, it is very
easy for a government to pass a law saying "This GMR key must be used as
a recipient on all messages". If everyone is using CMR already, few
people will see this as particularly controversial. Even worse, it
allows governments to force such schemes on other countries without such
laws. If the US passed such a law, all US citizens' keys would have an
ARR for the GMR key. So if someone living in a country with more
sensible legislation sent the US citizen a message, it would still be
snoopable by the NSA. Is this what you want?
Debating what should or should not be in the Open-PGP specs based on what
law some government may or may not pass in the future does not have a
Au contraire. The overall aim of this exercise is (at least, I used to
think) to improve everyone's privacy and prevent Big Brother taking
over. To quote Phil Zimmerman:
"It's poor civic hygene to install technologies that may someday
facilitate a police state."
[Source: Bruce Schneier]
I would say a central principle of Open PGP design should be that we do
not do this.