We need transparent crypto for a number of reasons
IPv6 is supposed to have this, although how well it is implimented, and how widespread it will become, remains to be seen.
- secure end-to-end communications (chat, ssh/telnet, instant messaging, VPN, gameplay, ftp, etc. etc.)
- secure exchange of data between servers, e.g. DNS, SMTP, etc.
- good authentication without depending on user apps to be well behaved
We also need user space crypto such as GPG. Transparent crypto for mail has the problem that, for example, a user could step away from their machine and someone else could email from their account, impersonating the user. This is true of unsigned mail now, but with transparent crypto it would have the problem of being signed by the user, lending the perception of authenticity where it isn't really present.
I have found seahorse with GPG to be a reasonable level of complexity. There are a few aspects of the interface I'd like to see changed and streamlined, and having GPG/PGP functionality built into the mailer would certainly be preferable (although copy and paste under X is so rediculously easy that that isn't a big issue), but all in all it is very usable even for newbies.
Key management really can't be made a whole lot easier, and shouldn't really be any more transparent. Deciding to trust someone (or their public key) IMHO still needs to be a conscious act.
We need both transparent and user space, non-transparent crypto, just as we need both better streamlining and usability of the GUI frontends AND education of the end user on how to use crypto, what public and private keys are, and how to manage them.
Using GPG with a good GUI really isn't any more difficult than addressing, stamping, and mailing an envelope, but user's do need to be shown how to do it.
(Actually, that inspires a thought: a GPG GUI which looks like an envelope, with the signature filling in the "return address" spot, the "encrypt to" the mailto address, and the email address itself the stamp. We'd still need to educate people on good key management practices, but this paradigm might make the entire concept of GPG/PGP more understandable to the lay person).
http://openflick.org - Fighting Copyright with Free Media