But that's explicitly not a backdoor. That's straight forward, "If permission is granted from 2 opposing parties, crypt can be reversed". And that would have to be added to the crypt on cyphertext creation.
And the Bitcoin protocol has a similar thing, with escrow key permissions. Again, intended behavior, not some "super sekret backdoor".
That's being rather obtuse. I can easily parse that the contents are encrypted to X keys. I'm thinking of something obvious like GPG here.
I would accept the idea of a backdoor IFF the program encrypting hid the fact that it also encrypted to an escrow unawares to you, along with keeping that a secret.
No, I'm not being obtuse. I understand what you're saying; I believe that I understand why you think it's reasonable; and I totally reject the claim that it is not a backdoor. I don't care how many keys there are, and I don't care what the underlying technology is. If a group of people, no matter how many (other than the sender and receiver) can choose, by a designed feature of the encryption, to decrypt the communication, that's a backdoor, by definition.
And I assert that, no matter how carefully designed, a backdoor is always a bad idea.
Having two parties that have to agree is a mitigating feature. It makes it less bad. It doesn't make it good, though.
And the Bitcoin protocol has a similar thing, with escrow key permissions. Again, intended behavior, not some "super sekret backdoor".