Finally, somewhere in these documents there is a statement regarding the
advisability of including the content encryption key encrypted in the
originator's public key, but despite rereading the documents multiple
times I can't find that text again. As I recall, the text said that this
SHOULD be done. I would argue that this should be changed to MUST, for I
can't imagine a situation where the originator of an encrypted message
would not want to be able to read his own message, for example in an
outgoing or Sent-Mail queue. He might need to be able to decrypted, and
even retract it in order to resend it with modifications. It would not be
reasonable to rely on the originator to bcc herself to gain this
capability -- it ought to be required by the spec.
[Jim Schaad] This was a requested functionality by a group of people and is
there for a reason. One situation in which this would be the case is human
rights workers sending encrypted mail to the home office. They do not want
the local police to be able to read the mail by stealing the machine and key
or by force.
jim schaad