Hi All, I'm trying to implement EFS and struggling a bit with understanding certificates/private keys. I've read all the KB articles and Technet White papers on EFS, but they all gloss over the nuts and bolts of the certificates and private keys. I know how to import/export certificates. What I want to do is this: - Encrypt data on machine A as User A - Copy the data to machine B. - Be able to view/use/write to that data on machine B as User B - Copy the data back to machine A - Use the data on machine A as User A In other words, I want two users to have the same certificate and private key. Having each user be the Recovery Agent for the other won't work because I think the RA can only *decrypt*. I've played around with exporting certificate with private keys, but had mixed results. Anyone know how to achieve the desired result (two different users, on two different machines, each using the same key pair and able to decrypt files that the other has enrypted)? Many thanks, Jeff Durbin