More on Encryption
I had a lengthy discussion on AIM with Chris before I left from work today. He had read my blog entry and wanted to get some more information on the encryption problem, as I saw it. We talked about the additional things that administrators will have to manage along with the emails that have been archived. At a minimum, you need to keep accessible copies of Notes IDs of all terminated accounts for at least as long as you keep email in the archives. But do you also need to keep their person document and an empty copy of their mail file? And since the body is encrypted, it can't be indexed by the search engines. How does that hamper your company when trying to comply with a subpoena? How do you include encrypted emails in the export from the Archive?

In case you are unaware of how native Notes mail encryption works, here is an excerpt from the Domino 6 Administration Help Database:

How outgoing Notes mail encryption works
  1. The sender sends an outgoing message and selects the Encrypt option.
  2. Notes generates a random encryption key and encrypts the message with it.
  3. Notes encrypts the random encryption key with the recipient's public key and appends the new key to the message. The recipient's public key must be stored in either a Domino Directory or LDAP directory that a user can access or in the sender's Personal Address Book.
  4. If the encrypted message is addressed to multiple recipients, the message is encrypted only once with one random key, and the random key is encrypted using the public key of each recipient.
  5. When the recipient attempts to open the encrypted message, the user's mail application attempts to decrypt the random key, using the recipient's private key. If this is successful, the random key decrypts the message.
  6. If decryption is successful, the recipient can read the message. If decryption is unsuccessful, the user receives a message indicating that the decryption failed and the mail application does not allow the user to access the message.

All except one of the archiving solutions that have been demonstrated have used Native Mail Journaling to get a copy of the email for them to archive. Here is how journaling handles encrypted emails:

A message that Notes has previously encrypted for its recipients is not re-encrypted with the certified public key of the specified Journal user. As a result, when depositing encrypted messages in the Mail Journaling database, Domino preserves the original encryption, so that the message content cannot be decrypted with the ID of the designated Mail Journaling user, unless, of course, that user was included in the original recipient list. A Mail Journaling user who was not on the recipient list can view header information only.

So, basically, if encryption of email is allowed, or even required, a significant number of additional things need to be managed along with just email. This is compounded greatly if you use Exchange and have a third-party encryption package. Imagine having to get users to send you tokens that they create when they start using encryption. And what do you do if a token gets lost or the one copy of the token file you have gets corrupted? I am not sure that IT departments or the Archiving Solution vendors are even thinking about this.
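
The key-wrapping steps and the journaling behaviour quoted above, modelled as an added example that is not code from the original post or from Domino. It assumes toy RSA keys built from fixed Mersenne primes and a SHA-256 keystream as stand-ins for Notes IDs and the real ciphers (not secure), and every name and sample message is constructed.

```python
import hashlib, hmac, secrets

def make_id(p_bits, q_bits, e=65537):
    # Toy RSA key pair from two Mersenne primes: illustration only, NOT secure.
    p, q = 2**p_bits - 1, 2**q_bits - 1
    return {"pub": (p * q, e), "priv": (p * q, pow(e, -1, (p - 1) * (q - 1)))}

def _xor(data, key):
    # SHA-256 counter keystream standing in for the bulk cipher (assumption).
    blocks = (hashlib.sha256(key + i.to_bytes(4, "big")).digest()
              for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, b"".join(blocks)))

def encrypt_mail(header, body, recipient_pubs):
    key = secrets.token_bytes(16)  # step 2: one random key per message
    k = int.from_bytes(key, "big")
    return {"header": header,      # header fields are not encrypted
            "body": _xor(body, key),
            "tag": hmac.new(key, body, hashlib.sha256).digest(),
            # steps 3-4: the same key wrapped once per recipient public key
            "wrapped": {who: pow(k, e, n) for who, (n, e) in recipient_pubs.items()}}

def open_mail(msg, who, priv):
    # Steps 5-6: unwrap the random key with the private key, then decrypt.
    wrapped = msg["wrapped"].get(who)
    if wrapped is None:
        return msg["header"], None          # not a recipient: header only
    n, d = priv
    k = pow(wrapped, d, n)
    if k >> 128:
        return msg["header"], None          # wrong or damaged ID
    key = k.to_bytes(16, "big")
    body = _xor(msg["body"], key)
    ok = hmac.compare_digest(hmac.new(key, body, hashlib.sha256).digest(), msg["tag"])
    return msg["header"], body if ok else None

def undecryptable(journal, retained):
    # Archive audit: subjects of journaled mail that no retained ID can open.
    return [m["header"]["subject"] for m in journal
            if all(open_mail(m, who, priv)[1] is None for who, priv in retained.items())]

# Constructed sample data: three toy IDs and two journaled messages.
IDS = {"alice": make_id(89, 107), "bob": make_id(61, 127), "journal": make_id(89, 127)}
PUBS = {who: i["pub"] for who, i in IDS.items()}
JOURNAL = [  # journaling stores the message as sent, wrapped keys unchanged
    encrypt_mail({"subject": "Q3 forecast"}, b"numbers attached", {w: PUBS[w] for w in ("alice", "bob")}),
    encrypt_mail({"subject": "Offer letter"}, b"salary details", {"bob": PUBS["bob"]}),
]
```

Running `undecryptable` with bob's ID left out of the retained set models a terminated account whose ID was not kept: the message addressed only to bob is the one the archive can no longer open.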