It's quite telling, how this epic failure is downplayed
Both OpenPGP and SMIME standards are broken by bad design. The later completely, the first one due do later tacked on security-checking that wasn't always enforced and "warnings" still returned the encrypted text in any case.
And then the developer communities of OpenPGP implementations PGP, GPG vact like complete idiots by downplaying and bad mouthing the research, and even speaking in public before fixing the big issues, but denying to do so (despite their Twitter posts are still online).
And why is there such a big push to HTTPS? And why is there no push to encrypted email? Everything around encrypted HTTP and email gets to a bigger clusterfuck by the day. Especially why now? What has changed in 2017/18, that we suddenly need HTTPS and not encrypted mails at all. Some big power somewhere wants to see HTTPS everywhere and no email encryption anywhere.
What we definitely need is a new next gen TLS alternative without hidden backdoors, and it should be used for HTTPS and encrypted mail transfer.