> I'd like to, but the people I email don't know how to (or won't) use encryption.
The situation today is even less conducive to getting the people I email to use encryption than it was 10 years ago. In the past there was maybe a chance I could convince people to install a plugin, or in the case of family members I could set it up myself when visiting. But now everyone uses Gmail, and often uses it from multiple devices, which makes that difficult. There are browser plugins that will try to do GPG in Javascript, but they seem to break routinely with Gmail changes, and the one that used to be most used (FireGPG) was discontinued. And the Gmail app on mobile devices doesn't support such extensions anyway.
It's not just that people are using webmail that's preventing PGP adoption - it's that PGP, specifically, is orthogonal to usability and convenience of email.
I, for example, am capable of encrypting my email but I actively don't care to. I'm in the "I don't, because the content of my email is just not that important." on the poll.
Webmail's prevalence may make PGP adoption more difficult, but I want more webmail prevalence and I don't care about PGP adoption and I'm pretty confident that's the way the world's going to go. Someday there will be something webmail-like which has encryption anyway and that might catch on - I'd even use it. In the meantime? People who need it can use special tools.
You may not think that your email's that important but your unwillingness to care means you've inadvertently extended that judgement to everyone else who may want to correspond with you. This effect worries me the most about our modern, connected world.
NB: Just to be absolutely clear, I'm not picking on you specifically (and I suspect there are many people who hold the same opinion as you). I'm just trying to point out what I see as a problem with the "my email isn't important" argument.
I don't really see email as any more secure than snail mail right now (which can be taken from your mailbox and read, albeit with stiff legal threats if anyone catches you). There wasn't an appropriate poll option for "I don't care because I don't think email can be both effective and secure in the near future and I prefer effective".
People who need encrypted email will figure out how to do it and I think that's enough for now. I don't think lamenting how slow PGP adoption is makes sense, though - it will never, in its current form, be mainstream.
I personally consider webmail to be way inferior to any decent standalone client. I only use it out of necessity, when no other option is available. Thudnerbird with Enigmail and IMAP+SMTP do their job just fine otherwise. But the fact that many people have no clue about encryption makes it harder to use.
I don't think PGP is complicated. I think the implementations are subpar (mainly due to lack of interest toward encryption and thus "good enough" generally won)
Even the command line gpg options aren't quite right..
gpg4win[0] works -- or it did the last time I used it anyway (several years ago) -- and from a quick search I found "Outlook Privacy Plugin"[1] (for 2010 and 2013).
Unfortunately, the best solution I've found for Windows is the commercial PGP product[2]. It's not free or open source but it does work and it configures itself for opportunistic encryption, so that's a plus.
People who use Gmail can use Thunderbird with Enigmail. It works very well and there are detailed tutorials available. I agree though, it's still not as easy as it should be.
K-9 mail still only works with inline PGP though, not with PGP/MIME. K-9 Mail is so close to being the perfect mobile email client IMO. Open source, decent UI, fast, fully featured, but it's half-finished PGP implementation is so frustrating.
Also, APG it's self still lacks a bunch of features, and it seems to have been abandoned.
I want a Firefox OS phone, but until there is an email client which supports PGP, it will be useless to me.
> And the Gmail app on mobile devices doesn't support such extensions anyway.
It should be easy to do such things using Substrate. (I'd even argue easier than via JavaScript, as backend logic code and variables cannot be hidden and protected inside of closures.)
The situation today is even less conducive to getting the people I email to use encryption than it was 10 years ago. In the past there was maybe a chance I could convince people to install a plugin, or in the case of family members I could set it up myself when visiting. But now everyone uses Gmail, and often uses it from multiple devices, which makes that difficult. There are browser plugins that will try to do GPG in Javascript, but they seem to break routinely with Gmail changes, and the one that used to be most used (FireGPG) was discontinued. And the Gmail app on mobile devices doesn't support such extensions anyway.