Key point: this isn’t (just) about PGP or SMTP, it’s email as a whole system:
Even after we replace PGP, encrypted email will remain unsafe. Here’s why:
- If messages can be sent in plaintext, they will be sent in plaintext.
- Metadata is as important as content, and email leaks it.
- Every archived message will eventually leak.
- Every long term secret will eventually leak.