David,
In S/MIME v3 there is no connection between "sent by" (the From:
field in the unsigned RFC-822 message header) and "signed by"
(the name(s) contained in the certificate that validates the
signature). V2 required certificates to contain an rfc822
address and for that address to match an unsigned header field;
those limitations were removed in v3.
Does this mean that you don't actually need any rfc822 address
at all in the certificate. I.e. the s.c. "e-mail certificates" is in
v3 essentially a dead item?
Personally I think this is great for the reasons you mentioned!
Anders