
I am not intimately familiar with the finances of PayPal, Google, Facebook, or Amazon.com, but I suspect they may be able to afford an S/MIME certificate. Perhaps even two or three!

> Webmail (which a lot of people use) is also not ideal for dealing with certificates. You more or less have to trust the mail provider with your private keys. There are just countless attack vectors.

You are already trusting the email provider with everything. What's so bad with trusting them to verify a signature, too?

We're not communicating state secrets over encrypted email here; we're just verifying the signature on "PayPal sent you a message, click here to view it"-kind of emails.




But the signature doesn't tell you the sender is the org they claim to be, because how would the verification system know who the sender says they are?
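
Added example, not part of the thread: a sketch of the gap the last comment points at, separating what a verified S/MIME signature establishes (a key bound to an e-mail address) from the organization name shown to the reader. The `binding_report` function, the `expected_domains` map and the sample message are hypothetical; signature verification itself is assumed to have been done by an S/MIME library.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: assume the signature verifies against the signer's own
# certificate, which was issued for service@billing-notices.example.
SAMPLE = (
    'From: "PayPal Service" <service@billing-notices.example>\n'
    "Subject: You have a new message\n\n"
    "Click here to view it.\n"
)

def binding_report(raw_message, signature_valid, cert_emails, expected_domains):
    """Report what a verified signature does and does not establish.

    cert_emails: rfc822Name values from the signer certificate (assumed to be
    extracted by the library that verified the signature).
    expected_domains: hypothetical recipient-side map of organization name to
    the domains that organization is known to send from.
    """
    msg = message_from_string(raw_message)
    display, addr = parseaddr(msg.get("From", ""))
    addr = addr.lower()
    domain = addr.rpartition("@")[2]
    certs = {e.lower() for e in cert_emails}
    report = {
        "signature_valid": signature_valid,
        # The certificate binds a key to an address, so this part is checkable.
        "from_matches_cert": signature_valid and addr in certs,
        # The display name is free text; the signature check never compares it
        # with anything in the certificate.
        "display_name": display,
        "claimed_orgs_unbacked": [],
    }
    # Without an out-of-band list like expected_domains, the verifier has
    # nothing to compare the claimed organization against.
    for org, domains in expected_domains.items():
        if org.lower() in display.lower() and domain not in domains:
            report["claimed_orgs_unbacked"].append(org)
    return report
```
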



