Our entire organization requires PGP Whole Disk Encryption (WDE) to be used on all laptop and desktop computers. For Macs running Mac OS X 10.5 or later that are using Time Machine, the (local) Time Machine backup disk must also be encrypted.
One of the promises of Time Machine is that, in the event that your boot drive fails, you can replace it with a new, empty disk, boot from the DVD that came with the Mac, and restore the boot volume contents from the Time Machine backup disk onto the empty disk.
Unfortunately, in our case, since the Time Machine backup disk is also encrypted using PGP WDE, the boot DVD cannot read it and therefore cannot recover data from it. There are several obvious sloutions that I've read about on the web, including:
Create a bootable DVD or hard disk that is the same as the DVD that came with the Mac, except that it also has PGP WDE installed.
Boot the Mac that has the failed drive in FireWire target disk mode, then connect it to another Mac that has PGP WDE installed and use that Mac to decrypt the Time Machine volume. Then follow the usual DVD-based Time Machine recovery procedure.
These both sound like they should work. What I'm looking for is a testimonial from someone who has actually done it at least once, using one of these techniques or another one, and seen it work. Please also provide as much detail as you can for the technique that you used. (E.g., if you created a bootable DVD with PGP WDE installed, what software did you use to make it?)