@jsparknz @aral He gives zero support for his thesis. Of course the best case is absence of need for trust. Trust /is/ risk. There's nothing favorable about that. If you must trust, then lots of factors come into play and turn a straight-forward decision into a fuzzy one. It's better for your email payload to be PGP-encrypted so you don't need trust vs hoping the MitMs don't exploit.