maybe i misunderstood what you were trying to say. it sounded to me like you dismissed those german institutions for choosing GnuPG when better alternatives exist (and are used elsewhere (my interpretation))
but looking at those alternatives, i don't believe they are a good choice for any larger institution. what they need is tools that are proven technology and easy to use. i mean they are even expecting to use them on windows. and we all know how dumb that is. but they do as they are wont to do.
sure, i don't doubt that tools exist that provide better security, but they are better only if you have the skill to use them. they are not better for the kind of institutions we talk about here. GnuPG itself was in that camp for a long time. it is going to take even longer for any alternatives to become more approachable
