sure, there are still providers that don't offer TLS, but my point is that fixing TLS doesn't even begin to tackle this actual problem. It's an orthogonal problem. This issue is about authorization/authentication, not about transport security/MITM attacks. PGP and SMIME, even when used for signing only will protect against this attack while even fully deployed TLS will not.