Now we know of course about state-level actors spying on the internet traffic, at least since 2013 there is no denying. So there has been tremendous success in deprecating unencrypted HTTP traffic. Shouldn’t the same be done for emails?
Sure, but I just don’t see it happen by means of individual certificates. Even the tech crowd is struggling when it comes to mobile email usage. As to the rest of the world, good luck explaining them why they need to jump through so many hoops, starting with why webmail is a bad choice. In fact, we considered rolling out email encryption throughout a single company and had to give up. The setup was simply too complicated and limited the possible use cases too much.
As far as I’m concerned, email signing/encryption is dead (cache)
I am using the GPG Suite on macOS and I have to agree that every OS update is painful mostly because of Apple. Most of the time, it’s even the blocking point for my update because I need my few encrypted emails to remain readable.
I’m still wondering if that’s a lack of concern or deliberately intentional. No conspiracy here but privacy is some part of their business competitive advantage and they will sooner or later use it natively for good old emails.
Just a guess.