We are looking at encryption, but one of the key stumbling blocks is in the
area of key management.

Questions:

1.  Should ADSM allow for keys to be changed on a time basis?
2.  Should ADSM administrators set the keys and provide to end users, end
    users only set the keys, a combination of above under admin control, etc?
3.  If keys are allowed to be changed, then is the user/site willing to
    sign up for prompting the end user to enter key-1, key-2, ... key-n
    for all files to be restored?
4.  Is encryption just needed for transmission and not storage?  ie:
    encrypt the data over the wire with the session key, but decrypt it before
    it is stored since the physical media is protected?  Are sites willing
    to take the performance penalty for the dual encryption?

There are a lot of questions, and depending on what type of industry your
company is in will dictate your requirements.  Please let us know what you
would like in a priority order.  Thanks,

Paul Bradshaw