So far as we can tell, there is no viable plan for mass adoption of S/MIME. It will remain a niche system whether or not we participate. There is no opportunity for impact that would justify the effort and expense on our part, no vision for the future of S/MIME that we're excited about.
There was a viable plan for mass adoption of HTTPS in a reasonable time frame, that's why we chose to execute.
A fundamental difference between those two ecosystems is that the burden of HTTPS is almost entirely on server administrators, end users don't have to do anything. The HTTPS user-agent ecosystem has been solidly in place for a while. In the S/MIME case individuals need to be more participatory, and it's hard to get end-users to do anything, let alone correctly.
Making it easy to get email certificates certainly doesn't guarantee mass adoption, but the lack of easy access to email certificates absolutely is blocking mass adoption.
Let's Encrypt are perhaps one of the only players in a good position to make a real difference here. I don't see any other CAs implementing ACME for S/MIME (https://tools.ietf.org/html/draft-ietf-acme-email-smime-04) and offering free certs.
>In the S/MIME case individuals need to be more participatory, and it's hard to get end-users to do anything, let alone correctly.
Do you not think there's a case to be made here for MUAs to implement e.g. ACME and make this seamless? Why shouldn't I be able to automatically get a certificate provisioned for my email account and then just opt-in to signatures/encryption as needed? If a player like Google decided to roll this out to consumer GMail (recall it's already available for enterprise customers) they could massively increase adoption.
>It will remain a niche system whether or not we participate.
Why do you think there's no chance of innovation if an automated certificate provisioning solution becomes available?
>There is no opportunity for impact that would justify the effort and expense on our part, no vision for the future of S/MIME that we're excited about.
This really is a shame and I fear it will pretty much cement S/MIME's fate going forward. As much as PGP has some strengths and I've used it for many years, it's poorly supported without external software and I'm not sure it's a good answer for the average user.
Out of interest: is there any vision for email integrity and confidentiality that you are excited about, if not S/MIME, or is LE really just about web PKI?
Something like ACME for email certificates would be helpful, but I don't think that's anywhere near the major blocker for practical email encryption.
In addition to the difficulty of acquiring certificates, email is quite likely to be read from different devices (including webmail!). This makes key management more challenging compared to server SSL keys, especially because you also have a much, much longer tail of email applications trying to read email. Key discovery is a difficult topic, depending on how much you trust MTAs and how much you're willing to give up on decentralized email. Widespread email encryption would also probably destroy anti-spam solutions.
Of course, the most difficult problem of all is that the threat model for email is rather different than for SSL. The automatic provisioning of DV certificates effectively relies on the difficulty of spoofing and intercepting a connection on the wider internet and is less effective against nation-state-level threats (if the US government wanted to get a certificate for any domain, it probably could). But email is already naturally secured against those common threats, as your connection to the email servers are protected by SSL. Instead, the goal of email certificates is to protect against others who (might) have access to your email account... which means that automatic provisioning of certificates doesn't cut it.