The spec says: "In order to send digitally signed emails, you must have your own Digital Security ID (digital signature, public key, private key). In order to send encrypted emails, you must have certificates (digital signature, public key) for each of the recipients."
If a new user receives a signed message, will that user be able to respond with an encrypted message without obtaining their own personal certificate? Previous versions I recall didn't allow this to happen. - Dave.
