Arvola, Why would an decryption key be tied to a service? It could be tied to the From/CPAId I suppose The same service might be used by many parties. In any case, when I encrypt something for you then I use your Public-key which means it is YOUR key which does the decryption. Which headers are used should be implementation specific. This is just another message to be constructed by the MSH. I would think you MUST have a MessageHeader (From/To/MessageData/CPAId etc.) and a Manifest (with a single reference). You could have other headers like AckRequested. I think we should not dictate which headers. This message should be constructed as any other. I only point out that it is not necessary to recraft all the headers since many (especially MessageHeader) can simply be copied from the original with a change in Service/Action. In the case of encryption, even the MessageId could remain the same -- although maybe/maybe-not in other cases like adding a payload. We would need to think about the possibilities? Regards, David Fischer.