Hacker News
Ask HN: Information on common commercial “encrypted email” systems?
2 points by heleninboodler on March 23, 2022 | 1 comment
The short story: my broker keeps sending me email with the subject beginning with "Encrypt:" and assuring me that the contents are encrypted. They aren't. Anyone who has any clue can clearly look at the raw message and see that the contents are not encrypted. This has happened to me from various parties for many, many years, and I've always assumed they have some sort of internal encrypted email concept where the client can encrypt/decrypt transparently, but that when it exits the company, it's necessarily sent in the clear (they don't know what kind of mail system is on the receiving end).

I'm well-versed in security. I know fundamental truths like that I can't possibly be reading an encrypted email without having access to a decryption key, and that systems to manage such keys are Hard Problems that simply have no widespread implementation that would feasibly work between my broker and my gmail. And further, I know how to look at the raw contents of an email and see that it's clearly just a base64-encoded PDF that I can open and view without any kind of shared secret.

What I don't know is... what are these various email systems that claim to encrypt and send "secure" email actually doing? I'm looking for references that give the technical details of how various types of encrypted email systems actually work. I want to eliminate the magic and be able to have a conversation that doesn't stop at the other person saying, "I don't know, IT says it's encrypted."



> no widespread implementation that would feasibly work between my broker and my gmail

amending this to include "without some kind of UX hit that would make it infeasible for most users"
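
The raw-message check described in the post, written out as an added example that is not part of the original thread: it walks the MIME parts and separates transfer encoding (base64) from actual message encryption (S/MIME enveloped data, PGP/MIME, inline PGP). Both sample messages, the addresses and the function names are constructed for illustration.

```python
from email import message_from_string
from email.message import EmailMessage

SMIME_TYPES = {"application/pkcs7-mime", "application/x-pkcs7-mime"}
SMIME_ENCRYPTED = {"enveloped-data", "authenveloped-data"}  # RFC 8551 smime-type values

def inspect_parts(raw):
    """Return (content_type, transfer_encoding, verdict) for each MIME part."""
    findings = []
    for part in message_from_string(raw).walk():
        ctype = part.get_content_type()
        cte = (part.get("Content-Transfer-Encoding") or "7bit").lower()
        if ctype == "multipart/encrypted":  # PGP/MIME wrapper (RFC 3156)
            findings.append((ctype, cte, "encrypted: PGP/MIME"))
        if part.is_multipart():
            continue
        body = part.get_payload(decode=True) or b""  # undoes base64/QP only, no key involved
        if ctype in SMIME_TYPES:
            kind = (part.get_param("smime-type") or "").lower()
            verdict = "encrypted: S/MIME" if kind in SMIME_ENCRYPTED else "S/MIME, not enveloped"
        elif b"-----BEGIN PGP MESSAGE-----" in body:
            verdict = "encrypted: inline PGP"
        elif body.startswith(b"%PDF-"):
            verdict = "plaintext: readable PDF"
        else:
            verdict = "plaintext"
        findings.append((ctype, cte, verdict))
    return findings

def is_encrypted(raw):
    return any(v.startswith("encrypted") for _, _, v in inspect_parts(raw))

def broker_sample():
    """Constructed message shaped like the one in the post: base64 PDF, no encryption."""
    msg = EmailMessage()
    msg["Subject"] = "Encrypt: your statement"
    msg["From"], msg["To"] = "broker@example.com", "customer@example.com"
    msg.set_content("Your statement is attached.")
    msg.add_attachment(b"%PDF-1.4\n% constructed sample\n",
                       maintype="application", subtype="pdf", filename="statement.pdf")
    return msg.as_string()

def smime_sample():
    """Constructed S/MIME-typed message; the body is placeholder bytes, not real CMS."""
    msg = EmailMessage()
    msg.set_content(b"placeholder-not-real-cms", maintype="application",
                    subtype="pkcs7-mime", params={"smime-type": "enveloped-data"})
    return msg.as_string()

if __name__ == "__main__":
    for name, raw in (("broker", broker_sample()), ("smime", smime_sample())):
        print(name, "encrypted" if is_encrypted(raw) else "NOT encrypted", inspect_parts(raw))
```

The verdict only describes the message body as stored; it says nothing about whether TLS protected the SMTP hops in transit.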



