katzenpost / mixnet_uprising

repository for tracking open tasks

Ensure messages utilize Perfect Forward Secrecy between providers #55

Closed PowerPress closed 6 years ago

PowerPress commented 6 years ago

Ideally all communications would use perfect forward secrecy and be done by the client. But depending on whether you're making a client from scratch or reusing existing email clients, that might not work. If you are creating your own client, then ensure Perfect Forward Secrecy is implemented from the beginning. If not, then at least ensure the providers are using PFS along with the Certificate Authority for the messages.

Require that TLS 1.3, which is now approved, be used for communication with and between the providers, along with Certificate Authority.

Yawning commented 6 years ago

There is 0 chance that TLS in any form will be used for this, ever.

If you had taken the time to read the design documentation, you would have noticed that Perfect Forward Secrecy is implemented everywhere that it is possible to do so already.