Bullshit SSL comments
Calling bullshit on the SSL comments about CPU resources. GMail supports SSL IMAP, POP3, and SMTP. Sure, the user base for that is smaller than the web system, but SSL is there none the less. SSL does not impact a system badly enough to be of that much concern versus privacy. OpenSSL seems quite well-tweaked already, and the Google PowerHouse CodePlex could easily optimize an internal version, or offload SSL to hardware-based encryption using GPUs, etc.
I will also call bullshit on the idea that there is anybody who does not need nor deserve privacy and protection. Just because you think the information you send in your emails is not important, does not mean that the other end does not, or that it really is not important to someone else. At the very least, your privacy is paramount whether you believe it is or not.
Additionally, I call bullshit on the idea that HTTP traffic cannot be intercepted without ISP intervention. This is patently untrue. In the scenario following, the feasibility is on the level of people using routers with the default admin setup. We have already seen Javascripts which change router configurations, and it is entirely possible to have similar scripts which upload hacked firmwares to routers to intercept HTTP traffic, or any other unencrypted traffic for that matter.
So encryption, email keys, and the like are not the standard? Then why do we not make them the standard by using them and encouraging others to use them as well?
Paris, calling bullshit on the hat-trick.