(This post was published on the original RMS team blog in September 2011.)

The AD RMS team recently had some inquiries on behalf of our customers about how to design an AD RMS solution that supports client-side storage of encryption keys and certificates. So we looked into it and now have an update on this topic that was just added to our current AD RMS FAQ on the TechNet Wiki site.

Check it out at: http://social.technet.microsoft.com/wiki/contents/articles/ad-rms-faq.aspx#ClientSideKeyCertStorage