IMHO, the problem with someone using an extension is that generally speaking,
they will only be able to recover half of the mail (i.e. the mail that the
modified client sent). If the methodology for using corporate keys
(differentiated from key recovery which I agree shouldn't be in the spec) is
not included in the spec, then from a customer implementation point of view,
the solution is not practical. Unless a customer can say that in order to send
me an S/MIME message you must also encrypt to this key, then the majority of
clients will not perform that encryption. If multiple client vendors are going
to be pushed for this type of solution (which we and at least one other that
may choose to identify themselves are), then it will make everyone's life
easier to agree on a methodology in a standards-based way.
Steve