The base idea is this: We should make e-mail work just like the web in terms of encryption
Great article here that discusses bringing email encryption to the mainstream without breaking the habits everyone has already formed (ideally they change some, but that's for another post). I have long been a proponent of building strong security into the tools commonly used by less-security-conscious internet citizens.
Emil also goes on to discuss the "usability" of current encryption software (including PGP), which I think is an incredibly important and often overlooked aspect of designing a security tool or system. I, of course, object to an email provider having your private key, but we are mostly discussing a mainstream audience here, and a little goes a long way in the world of consumer security.