You really do not understand what is going on here.
Hushmail would have the exact same problem, Hushmail is not all that different from Lavabit.
When you load a message from your hushmail encrypted inbox it is DECRYPTED on the server side using the password you provided at login, then the HTML representing the email contained in your inbox it is then ENCRYPTED by the web server using SSL and Signed Certificate that is recognized by a web browser, in Hushmails case that CA is thawte, in LB case the CA was GoDaddy and sent to you.
ALL HUSHMAIL USERS share the same SSL Encryption from the Hushmail server to their Browser, this is how the web works. There is no changing at least not by a single company.
The only way around that would be to not use HTTP, or web browsers. But then you could create an entire new messaging system like BitMessage, but LavaBit was attempting to give people private EMAIL, not create a new messaging protocol
This has no bearing again whatsoever on what the government can subpoena. Just because it "sucks" that you've designed your system that if the feds need access to one account you've configured it such that one must grant access to everyones account when you have to comply is par for the course.
You could say that the blame for Lavabit being shuttered is actually due to the technical design of the site and the compromises made for connivence. You should blame the site creator for that, not the USG for exploiting it.
I do not believe the USG has the right to the SSL keys, period
But it is clear you believe that the USG should have unlimited power with free reign to do whatever it wants.
Then do you believe that power extends to forcing a business or indivual to commit fraud? Lavabit had an agreement with both its customers and its business partner GoDaddy to NOT reveal the SSL Keys to a 3rd party, the second it was forced to do so, it had an obligation to disclose those keys were compromised, failure to do so is fraud.
Do you believe the USG should or does have the power to force people to commit said fraud
Hushmail would have the exact same problem, Hushmail is not all that different from Lavabit.
When you load a message from your hushmail encrypted inbox it is DECRYPTED on the server side using the password you provided at login, then the HTML representing the email contained in your inbox it is then ENCRYPTED by the web server using SSL and Signed Certificate that is recognized by a web browser, in Hushmails case that CA is thawte, in LB case the CA was GoDaddy and sent to you.
ALL HUSHMAIL USERS share the same SSL Encryption from the Hushmail server to their Browser, this is how the web works. There is no changing at least not by a single company.
The only way around that would be to not use HTTP, or web browsers. But then you could create an entire new messaging system like BitMessage, but LavaBit was attempting to give people private EMAIL, not create a new messaging protocol