A new and somewhat radical thread....
Because I believe the following to be true:
- Requiring key recovery is a bad thing (complexity, cost, implementation, etc.)
- Companies do have a need to access mail encrypted to or encrypted by their
employees (lost keys, legal investigations, etc.)
- We are all working on methods of satisfying US export requirements so that we
can export a cryptographically useful product
- There is a middle step between full key recovery and no hope of recovery which
involves encrypting messages to a 'corporate key' in addition to an individual
public key when sending a message.
Basically, what is involved is changing the user certificate format to
designate a field for a second certificate which represents the corporate
public key appropriate for that user. An application intending to encrypt mail
to that user MUST then encrypt the message to both the user key and the
corporate key.
By no means am I implying that everyone that implements S/MIME leave a back
door into all of their messages. However, since most companies that are
implementing secure messaging are setting up their own CA (Entrust, OnSite,
Netscape, etc.) and they have control over what fields are populated and with
what information, they are able to choose whether or not they need visibility
into their own data.
As a side note, this is not a radically new concept as something very similar
has already been proposed and implemented by PGP.
Flames welcome.
Steve
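
The dual-recipient step described in the message above, as an added example that is not part of the original post: one S/MIME message encrypted to both a user certificate and a corporate certificate with the `openssl smime` command, so either private key opens it and an unrelated key does not. The proposed certificate field pointing at the corporate certificate is not modeled (the corporate certificate is simply passed as a file), and every name, subject and file here is constructed for the demo.

```shell
#!/bin/sh
# Added example: encrypt one S/MIME message to a user key AND a corporate key.
# Identities are throwaway self-signed certificates, constructed for the demo.
set -e

# make_identity NAME -> writes NAME.key and NAME.pem in the current directory
make_identity() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=$1" -keyout "$1.key" -out "$1.pem" 2>/dev/null
}

# encrypt_dual MSG OUT USER_CERT CORP_CERT
# Mirrors the MUST in the proposal: if either certificate is missing or
# unparsable, nothing is encrypted at all.
encrypt_dual() {
    for c in "$3" "$4"; do
        openssl x509 -in "$c" -noout 2>/dev/null || {
            echo "unusable recipient certificate: $c" >&2
            return 1
        }
    done
    # One content key, wrapped once per recipient certificate.
    # -binary keeps the payload byte-for-byte (no CRLF conversion).
    openssl smime -encrypt -binary -aes256 -in "$1" -out "$2" "$3" "$4"
}

# decrypt_as MSG NAME -> plaintext on stdout, using NAME.pem and NAME.key
# -recip is always given so a non-recipient gets a hard failure.
decrypt_as() {
    openssl smime -decrypt -binary -in "$1" -recip "$2.pem" -inkey "$2.key"
}

demo() {
    cd "$(mktemp -d)"
    for n in user corp outsider; do make_identity "$n"; done
    printf 'quarterly numbers attached\n' > msg.txt
    encrypt_dual msg.txt msg.p7m user.pem corp.pem
    for n in user corp outsider; do
        if decrypt_as msg.p7m "$n" >/dev/null 2>&1; then
            echo "$n: can decrypt"
        else
            echo "$n: cannot decrypt"
        fi
    done
}

( demo )   # subshell, so the caller's working directory is left alone
```
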