[me1010]

End users need to and can take control over their own email privacy. GPG. Ten minutes to download, install, and generate a key pair is all you need to secure your email. Perhaps the willingness to do so will increase when the government successfully argues that non-encrypted mail posted through an email server is the same as posting your thoughts on a public peg board...

If you want full compatibility, you can pay a small yearly [extortion] fee to the Verisign gatekeepers... but I prefer not to...

[mahyarm]

Pffft, GPG doesn't work if you want to communicate with other people. It's very difficult to get people to use it, and the UX is horrible for it. On top of that it's even harder to use on mobile platforms. GPG also doesn't have forward secrecy.

[me1010]

GPG works fine. It's difficult to get people to use encryption regardless of the implementation... I used to work for an organization that required, by written policy, all email to be encrypted. Everyone had an S/MIME cert with a short pin... the number of encrypted emails I received over a 7 year period was precisely - without exaggeration - '2.' People do not care about encrypted email, and don't want to bother with even the slightest inconvenience. This is by far the largest problem with encryption, much more so than any 'it's too difficult to use' excuse.

[marcosdumay]

Email can not have forward secrecy. You receive it in a time, and want to read it later.