Thanks for the comments, Fred, and I agree. In particular I agree that we need a better and more coherent security architecture. Not necessarily as a way to cut the other flowers but as a model of how to do things securely. And I agree about privacy being an inherent part of security. And I agree about using our own tools as an organisation, but with a caveat. When we worked on, say, HTTP/2, we didn’t do that for the sake of our own website. We did it for the sake for major content providers and most popular web browsers. If what we worked on in privacy didn’t work for the IETF or us individually, it would be very weird. But it also cannot be the only goal, we have to share minds with major current or potential users of the technology. What would those be in the e-mail case, and kinds of things are they likely to need? Having a good answer to those questions is probably as important as having all of us turn on particular forms of security in our individual communications. (I should probably insert a reminder that even in e-mail there are actually many subproblems and and aspects. End-to-end content protection is just one. But both my discussion above and yours Fred were focused on the end-to-end part.) Jari