Amanda,
Several members of the PEM WG argued for retention of
symmetric key management in MOSS, as a logical extension of PEM, but
there was not widespread support for this as a requirement and so I
reluctantly gave up on that issue. It's a pity to see this issue
surface at this time, relative to the standards process, but if
customer interest is just surfacing one cannot blame the process.
Perhaps this is a topic to be resolved as implementors and users gain
experience with MOSS and may discover other features they would liek
to see.
As for using PEM with a MIME content type, you might select
some other string to define the specific case you are contemplating,
but otherwise your approach sounds reasonable. However, I doubt that
the PEM "installed base" (which is not all that big in the U.S.) will
be prepared to interoperate.
Steve