Need some general email encryption information/advice.
We are running Exchange 2007 and have a large (several thousand) customer base . The decision makers in the company want to investigate exchanging keys as a way to be able to send out encrypted email. My argument to this is that every customer would have to generate a public/private key pair and send us the public key, which we would then have to keep up with and manage. I see this as an administrative nightmare and a completely unreasonable expectation to place on our customer base. Can anyone help with information and advice here? More evidence for or against? What I am looking for is concrete information why this would not be a good idea (if my assumptions are correct). My preference would be to use an appliance (hardware) that would automatically encrypt outgoing email and manage the process for us.