There seems to be some useful thinking here. Requiring the user to input a secure passphrase in order to read email where they currently do not need to do this would be a backwards step. Assuming the reason for opportunistically encrypting email is to prevent it being read as plaintext in transit, having user-unfriendly defences to protect keys against compromised clients would seem to defeat the main purpose.
Better to get email encrypted by default (wherever the domain admins support this) with most users not noticing. Protecting credentials against compromised hosts in a manner which doesn't cause users to want to tear their hair out is another job, which should not be done using solutions designed just for this purpose alone.
There is a similar kind of conflict between the perfect and the good concerning the fact that the way that browsers handle self-signed HTTPS certificates scares most users off, so sites which can't be bothered with the costs of certificates, now of very limited security value, choose to use plaintext HTTP in preference to HTTPS, because the former doesn't frighten the horses.