ALL:
I would like to bring this thread to a close.
In my view, S/MIME 3 already supports three key/message recovery schemes.
First, the CA can keep a copy of any key management private key (e.g.,
Entrust). Second, the originator can include a recovery agent in the CC
list for every message. Third, a session key recovery scheme can be used
with the necessary fields carried as algorithm parameters (e.g., TIS).
None of these approaches requires a change to the protocol specification.
And, I am strongly opposed to requiring the use of any particular scheme.
Please, on resolution of the open issues.
Thanks,
Russ Housley
S/MIME WG Chair