Why can't my mom email me?

Why the mom’s emails were unreadable

  • Proton automatically encrypts outgoing mail if it finds a recipient key on keys.openpgp.org (KOO).
  • KOO’s operator states: email addresses are only published after verification; the OP’s address was verified and discoverable.
  • The recipient apparently lost or no longer used their private key, so encrypted messages appeared blank in their client.

What does publishing a PGP key imply?

  • One camp: uploading an encryption key, verified for a specific email, is an explicit invitation to encrypt mail to that address. That’s what public keyservers are for.
  • Other camp: PGP keys serve many purposes (signing packages, git commits, backups, password stores). Publishing a key with an email UID is not consent to default email encryption.
  • Several people note the distinction between signing and encryption subkeys and argue users often don’t understand or configure this correctly.

Opt‑in vs. opt‑out and UX expectations

  • Critics say Proton “silently” opted people into E2E for federated email:
    • No obvious UI cue, no per-recipient prompt, no easy way to see which key was used.
    • Encrypted mail may be undecryptable if the recipient’s PGP setup is old, experimental, or broken.
  • Suggested fixes:
    • Per-recipient prompts (“we found a key; encrypt?”) or opt-out toggles.
    • A standard flag or metadata indicating “use this key for email by default.”
    • Rely primarily on WKD/domain-level policy as a stronger, explicit signal.
  • Proton staff defend “privacy by default,” compare it to HTTPS-by-default, acknowledge this failure mode, and say they’ll improve visibility and possibly opt-out.

PGP usability and ecosystem limits

  • Multiple commenters recount ancient, forgotten, or unrecoverable keys and expired keys on servers.
  • Classic “Why Johnny can’t encrypt” research is cited: PGP remains hard for normal users, especially across devices and with smartcards.
  • Some argue email is simply the wrong medium for mass E2E; better for niche or expert use.

Alternatives and provider choices

  • Fastmail’s public rationale for not doing server-side PGP (search, spam, key loss, limited threat reduction) is discussed and largely respected.
  • Proton’s bridge and protocol choices are critiqued by power users who want more standard IMAP/SMTP behavior.
  • Many suggest using Signal, Matrix, or XMPP for everyday secure messaging instead of email-based PGP.