jon@pgp.com wrote:

This is exactly CMR. The only thing that Business 5.5 does is automatically add the department for you, and put up the recipient dialog so it can be taken off. Congrats.

On the contrary, it is *not* CMR. CMR encrypts to multiple keys for a single recipient. This system only ever encrypts to one key per recipient. PGP 5.5's ability to force people to encrypt to multiple keys for one recipient is the evil aspect of the design, because it's the one which allows it to be used to enforce GAK. PGP's CMR can be used to force everyone to encrypt to the FBI as well as the NSA. My system can't. I tried very hard to make this distinction clear in my description. I'm amazed that so many people seemed to miss it. Mark