As a Corporate Security Officer, I personally would prefer a solution like Adam Back's CDR that leaves the copy of the corporate data on the user's hard drive to the current PGP CMR. As long as the email data didn't need to be encrypted during local storage (i.e. encrypted against the possibility of industrial espionage), I wouldn't care whether the copy of the corporate data was encrypted -- actually it would be a lot easier to leave it in plain text (as I think Tim May suggested). (A single file in Unix mail(1) file format would make a nice auditing/reporting tool, so you could remember what you had sent to whom all in one place.)

Corporate keys as in PGP CMR just means another key to manage that provides a single point of weakness in the company's security architecture. Without forcing everyone to run on a secure OS on hardware they can't directly access (i.e. no desktop computers), any additional security provided by a CMR system (as in providing unalterable records of encrypted email that was sent) can be easily bypassed.

OpenPGP, meanwhile, should work on non-GAK/CAK solutions, while PGP Inc. should come up with a new product name (like 'BizSecure' only less whimsical) for its line of corporate encryption programs. (It might even be better business for PGP to set up a wholly-owned subsidiary, whose name does not even incorporate the term 'PGP' or its derivatives, for marketing such products, as those products would not be tainted by the personal privacy reputation of the name 'PGP'.) 'BizSecure' and its kindred would then interoperate with OpenPGP standards only to the extent of the common non-GAK/CAK functionality of the two systems.

==========================================================
Mark Leighton Fisher
Thomson Consumer Electronics
fisherm@indy.tce.com
Indianapolis, IN
"Their walls are built of cannon balls, their motto is 'Don't Tread on Me'"