[bogomipz]

>ProtonMail fought the referendum, but hasn't updated this "Why Switzerland?" page: https://protonmail.com/blog/switzerland/"

Agreed, and that referendum was back in September of 2016. That's almost 9 months ago. This seems really disingenuous.

And the referendum didn't just eek by but it passed by 65%.

So if the Swiss domicile doesn't offer the protections it once did, why would I choose this provider over any of the half a dozen others well-known companies in the space.

[teekert]

Because they still can't read your email, nobody can, even thought it is on their servers and crossing Swiss borders.

[Caprinicus]

Then they should stop claiming that switzerland is protecting them to a degree that they aren't anymore, and explain why their encryption is still secure

[bogomipz]

I was asking why I would choose them as a VPN provider over any of the others.

[earenndil]

See now, this is the part I don't get. Assuming that you don't encrypt your email with pgp (reasonable, if you're emailing someone who isn't very techy) and aren't emailing someone else who also uses protonmail, there's nothing stopping them from making an unencrypted copy of every email they receive.

[teekert]

The decryption only takes place on your local machine. Of course, you'd either have to check the source or, trust them. It very often comes down to trust.

[zeta0134]

I was trying to do some research to refute this claim, and my ignorance of email standards has once again reared its ugly head. I thought DKIM was for encryption, but it's apparently just for verification? Email is still primarily sent in the clear?

I'm at a loss. What a mess.

[simon_acca]

Email is not primarily sent in the clear these days, most providers implement SMTP over SSL/TLS, here you can find some nice stats of such traffic that passes trough google[0].

Of course this means that emails are only encrypted "in transit", that is, in the transmission from server to server, so you have to trust your provider.

On the contrary, PGP gives you end-to-end encryption, so you only have to trust your machine and your correspondent 's.

0: https://www.google.com/transparencyreport/saferemail/

[johnp_]

DKIM solves authenticity and integrity, but not privacy.

[DKnoll]

Domain Keys Identified Mail. ;)

[Markoff]

can you please recommend some of those well known email companies?