For those worried about the loss of keys, do what we do in our company.
Any new or changed encryption key is always in two parts. The security team typically enters one half and the DBA's enter the second half. Neither of us know the other's password. Plus, we have our half of the key written down and locked in the CIO's safe and so do the security folks.
Back up your keys and you should be good to go.
Gaby________________________________________________________________"In theory, theory and practice are the same. In practice, they are not." - Albert Einstein