> The problem here is that there are real people who depend on the security of their messages who would be taking unreasonable risks in trying to get an encrypted email workflow going.
But how do you decide who is taking unreasonable risks?
Surely there are also some people who would be taking unreasonable risks communicating via any means other than a one-time pad exchanged in person!
And yet I suspect most security professionals will say that in most use cases the ergonomic disadvantages of one-time pad make it not worth the added security. Which is the exact same form of argument you said is problematic regarding secure messaging services.
Cryptography engineers virtually never use one-time pads, because the ergonomics are impossible and the security benefits over a modern (as in, past the 1970s) cipher are marginal. Ironically, similar to encrypted email, a reason not to attempt one-time pads is that you will inevitably screw them up (and there is, like with PGP, a history of operational screwups to point to here).
If your point is that the risk calculation isn't literally binary, that's true. But it's pretty close to discrete.
Is encrypted email sufficient for the LARPing use cases that almost all encrypted emails represent? Sure. But when we discuss secure messaging as a generality, we have to consider the cases where security actually matters, and in those cases encrypted email is not fit for purpose.
But how do you decide who is taking unreasonable risks?
Surely there are also some people who would be taking unreasonable risks communicating via any means other than a one-time pad exchanged in person!
And yet I suspect most security professionals will say that in most use cases the ergonomic disadvantages of one-time pad make it not worth the added security. Which is the exact same form of argument you said is problematic regarding secure messaging services.