[rdxm]

The average user has no idea just how broken email is w.r.t. the concept of secure and private communication. Google's entire business is built on this broad ignorance. So for that matter is the the internet ecosystem in general if you expand the concept of use of data to include tracking of site access patterns, etc.

Moreover, it's certainly not in SV's vested interests (regardless of recent protestations to the contrary by google, facebook, etc) to see secure mail become the standard, and by extension to broadly educate and move the consuming public to a mindset of security first.

All of that said, the average end-user is/would be befuddled figuring out the use of shared pub keys, the web of trust concept, and in moreover, PKI in the bigger picture.

And even if you could get broad use of pgp going for message payload privacy/security, you don't solve the problem of metadata if you are using the current email protocol.

It's long past time for a new persistent messaging protocol that addresses metadata leakage and payload security comprehensively. There are people working on this now. Hopefully that will drive some positive steps forward on this issue.