Ralph, You are right. If there are needs for the application to have persistent encryption, then the application needs to pass an encrypted payload to the MSH. If the need is for confidentiality at the MSH level, then we need something along the lines of encapsulation. If BPSS decides to use XML documents at the application level then XML-Encryption may be an ideal solution for application level encryption. Regards, David.