[LINK] Public keyrings for Joe Blow in AU?
David
dlochrin at aussiebb.com.au
Mon Nov 8 13:17:19 AEDT 2021
I'd like to canvass the Link Institute's views on the best source of generally recognised, well authenticated, and cryptographically secure keys for private citizens of this Wide Brown Land.
As things stand, emails from private citizens to most doctors, lawyers, and other professionals must be sent in plain text unless prior arrangements exist. Some organisations do offer secure-mail on their website, but their IT&C infrastructure is probably off-shore, which isn't a plus, and it doesn't solve the more general problem anyway.
I know of an Australian bank (not one of the big four) which advises customers wishing to transfer amounts larger than the usual maximum ($20,000) to download a PDF form and email the completed request to the appropriate department (yep, as a simple PDF attachment to a plain-text email). This form specifies account numbers and account holders at both ends of the transaction and of course must be signed by the customer!
The Federal Government is beginning to market a keyring for access to Federal government agencies.
ACSC suggests IP Domain owners should apply for a certificate from Let's Encrypt, which I understand is an initiative of the US Government and interested stakeholders. Its certificates are well supported and it ensures they remain valid using a certbot and the ACME protocol, but I think someone here suggested they'd lost funding? However the biggest issue is that Let's Encrypt certificates apply to domain-name owners, not individuals AFAIK.
So is our Wide Brown Government going to blunder into the 21st century with FAX as the most secure option open to private citizens?
David Lochrin