Something that may have slipped you by: Back in November, the German Federal Office for Information Security approved Gpg4KDE and Gpg4win for the transmission and processing of national classified information.
Gpg4KDE is the encryption system that you use each time you encrypt and sign messages in KMail. Gpg4win, used for encrypting and signing emails on Windows, is built upon KDE's certificate manager Kleopatra. The German Government has now ranked both secure enough to be used when transmitting messages with VS-ONLY FOR SERVICE USE (VS-NfD), EU RESTRICTED and NATO RESTRICTED levels of confidentiality.
In view of the recent Rubicon/Crypto AG/CIA scandal, this is further evidence that FLOSS encryption technology is the only reliable encryption technology.