Just two nitpicks: You can sign email with GPG even if others aren’t using it (of course it will be of little value to them until they, possibly at a later date, verified your key), and it is supported on Android by K-9, I believe.
Worth noting here that K-9 for Android does not support the more modern and useful PGP/MIME. It only supports inline PGP. They've been promising it for years, but I'm not expecting to ever see it.
Hopefully somebody makes a good go at getting PGP onto Firefox OS so I can ditch Android.
Yes you can, but my point was that this is of no utility with GPG. Whereas with s/mime anyone can confirm that your email was signed (with many email clients), so there is value to using s/mime prior to all your contacts also using it.
> anyone can confirm that your email was signed (with many email clients), so there is value to using s/mime prior to all your contacts also using it.
Provided that they trust the people handing out these certificates – with PGP, they need a chain of trust to your key to verify that it is you, with S/MIME, they have to trust random third parties. Or do I miss something and you mean something else that is possible with S/MIME but not PGP?
Right now if I send my Grandmother a signed email with s/mime she will see a little notice in her email client that says the message is signed and valid. If I send her an email with a PGP signature it will not.
This is because just like her browser the CA is trusted by her OS.
