
It's weird. Almost all web traffic is now https - even though very little of it is sensitive. Email, on the other hand, is quite often sensitive, and yet...no one cares.

Why?





Nearly all email is encrypted in transit. All major MTA systems send encrypted and accept encrypted as the default.

This article is about encrypting the body of the email which is easy* but no widely implemented standard exists.

* Stupid easy for two nerds to email securely.

* Stupid hard to work with multiple people and non-nerds.


It seems like the bigger day-to-day issue is the possibility of downgrades from STARTTLS or a server that doesn’t support TLS. Encryption in the GPG isn’t necessary or would even be unwanted (for a company to have records of all the emails).

So there are mechanisms to put encrypted things in workplace emails and then have some mechanism for a receiver in a different organization to unencrypt. I have seen a mechanism that comes down to magic links, which I found ironic (though yes, intercepting is less of a threat than sending the data unencrypted).

I feel like supporting an option to not send an email unless STARTTLS happens is the way to go. There’s probably a lot of practical problems for, say, online Outlook or Gmail supporting that option when sending an email. But I feel like that’s the easiest solution.
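Added example, not part of the thread or any commenter's code: the "don't send unless STARTTLS happens" option from the comment above, written as a Python sender using `smtplib`. The names `TLSRequired`, `send_only_over_tls` and `StubServer` are hypothetical, and `StubServer` is a constructed stand-in for `smtplib.SMTP` so the policy can be exercised offline.

```python
import smtplib
import ssl


class TLSRequired(Exception):
    """The session could not be upgraded to verified TLS, so nothing was sent."""


def send_only_over_tls(conn, sender, recipient, message, context=None):
    """Send via `conn` (smtplib.SMTP or compatible) only after STARTTLS succeeds."""
    # Default context verifies the certificate chain and the hostname.
    context = context or ssl.create_default_context()
    conn.ehlo()
    # A downgrade usually looks like this: the STARTTLS capability is simply
    # missing from the EHLO reply, so an opportunistic client sends in clear.
    if not conn.has_extn("starttls"):
        raise TLSRequired("STARTTLS not advertised; message not sent")
    try:
        code, _ = conn.starttls(context=context)
    except (smtplib.SMTPException, ssl.SSLError) as exc:
        raise TLSRequired(f"STARTTLS failed: {exc}") from exc
    if code != 220:
        raise TLSRequired(f"unexpected STARTTLS reply code {code}")
    conn.ehlo()  # pre-TLS capabilities are untrusted; ask again inside TLS
    conn.sendmail(sender, recipient, message)
    return True


class StubServer:
    """Constructed stand-in for smtplib.SMTP so the policy can run offline."""

    def __init__(self, extensions, tls_ok=True):
        self.extensions, self.tls_ok, self.sent = extensions, tls_ok, []

    def ehlo(self):
        return 250, b"stub.example"

    def has_extn(self, name):
        return name.lower() in self.extensions

    def starttls(self, context=None):
        if not self.tls_ok:
            raise ssl.SSLError("certificate verify failed (constructed)")
        return 220, b"Ready to start TLS"

    def sendmail(self, sender, recipient, message):
        self.sent.append((sender, recipient, message))
```

With a real server, pass a connected `smtplib.SMTP(host, 25)` object as `conn`; a raised `TLSRequired` means the message should be queued or bounced rather than retried in cleartext.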


Might age fit the bill?

Unfortunately, those are 2 different problems. It’s easy to have servers store encryption keys to make https work. You only need to encrypt traffic between you and a server for 5 seconds at a time.

It’s hard for personal communications. The server shouldn’t know the keys, and they need to survive for decades.


HTTPS is pervasive because Google encouraged it. Gmail could force S/MIME but they don't care.

No, they couldn't. What they could do--and what they did do--was push for the move of TLS connections for the MX-MX hop of email; I don't have the stats off the top of my head for how prevalent that is, but I think it's in the 80-90% range of email being delivered in this method.

But end-to-end encrypted email? It breaks everything. You need to get all the MUAs to support it (very few do either S/MIME or PGP). You'll break webmail--the most popular way to use email--without lots of major investment. And encrypted email breaks things like spam filtering or server-side filters catastrophically. Key discovery is also unsolved.

There was a time when I was on the everybody-should-use-encrypted-email train. But I've since grown up and realized that encrypted email fundamentally breaks email in ways that people are unprepared for, and people have already figured out how to route around the insecurity of email via other mechanisms.


I think mandatory S/MIME without user-friendly key management would either be reverted pretty soon or it would kill Gmail.

Google would have to build some kind of Let's Encrypt for S/MIME before they turned on the encouragement.

Why did Google want it?

Google makes money off search, which requires that users want to visit websites. All websites using HTTP are not secure. Unsecure websites are uninteresting to most users, but most users don't have the know-how to distinguish what sites are using HTTPS and which aren't. So the simplest solution is to get all websites to switch to HTTPS before it becomes a problem.

Another possibility is that Google is in an industry that makes money by collecting information about users, and by supporting universal HTTPS, they gained a competitive advantage over ISPs and others regarding user data for Google searches and other services.


