Frank Hecker wrote:
> You could use your method to encrypt
> copies of messages stored on your local disk
[...]
> However it wouldn't work for sending
> emails to other people
There are (at least) 2 possible solutions:
1. The client creates 2 copies of the mail - one is encrypted using
S/MIME so that only the recipients can decrypt it. The client then takes
the second, still unencrypted copy and encrypts it for local storage,
with arbitrary schemes (not necessarily S/MIME).
2. The client silently creates a self-signed S/MIME cert and uses that
instead of the cert issued by the CA for the author (our user). uses =
adds it to the recipients the way you described it.
In both cases, the user can send an encrypted mail without having a
CA-issued cert.
But I don't think this has much practical importance, since the
recipients will want to answer encrypted, and for that, our user will
need to have a cert that can be sent out, anyway.
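
Option 2 from the message above, sketched with the OpenSSL command line as an added example (not part of the original message or of any mail client's code). The file names, subject names and message text are constructed, and RSA-2048 with AES-256 is an assumed choice.

```shell
#!/bin/sh
# Added illustration of option 2: a self-signed cert, created without any CA,
# is added as an extra recipient so the author can still read the sent copy.
# All names, paths and the message text are constructed for this example.
set -eu

make_cert() {  # $1 = directory, $2 = file prefix, $3 = subject CN
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$3" \
        -keyout "$1/$2.key" -out "$1/$2.pem" 2>/dev/null
}

encrypt_with_self_copy() {  # $1 = working directory
    make_cert "$1" rcpt "recipient.example"   # stands in for the real recipient's cert
    make_cert "$1" self "author-sent-copy"    # the silently created self-signed cert
    printf 'constructed message body\n' > "$1/msg.txt"
    # One encrypted message, two recipient certs: the correspondent and the author.
    openssl smime -encrypt -binary -aes256 -in "$1/msg.txt" -out "$1/msg.p7m" \
        "$1/rcpt.pem" "$1/self.pem"
}

decrypt_as() {  # $1 = working directory, $2 = rcpt | self
    openssl smime -decrypt -binary -in "$1/msg.p7m" \
        -recip "$1/$2.pem" -inkey "$1/$2.key"
}

demo() {
    dir=$(mktemp -d)
    encrypt_with_self_copy "$dir"
    decrypt_as "$dir" self    # the author reads the stored copy with the self-signed key
    rm -rf "$dir"
}

demo
```

The stored copy is only readable while the private key of the self-signed cert is kept, so that key needs the same protection and backup as any other decryption key.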