zlacker

[return to "Everything You Need to Know About Email Encryption in 2026"]
1. wasmpe+3jb 2026-01-08 02:11:07
>>some_f+(OP)
There's a sneaky jab at ProtonMail at the end, so I feel the need to defend them a bit:

> How are secret keys managed?

Stored on Proton's server, encrypted with a passphrase known only to the account holder. I believe they allow you to upload keys as well.

> How are public keys managed? (Trust on first use, web of trust, etc.?)

ProtonMail supports WKD: Email clients can automatically query a Proton account's public key using HTTPS. You can also send your public key to people using all the old ways.

> Where does the encryption take place, and where does that code come from?

Proton distributes a FOSS application which integrates with a standard email client. Yes, I imagine most people use the webmail client. Not offering a webmail client was not an option.

> What doesn’t get encrypted? (Subject lines, etc.)

Yes, I believe Proton only does the message body and attachments.

> How does this work for people not using the same service? Does everything silently downgrade to plaintext?

Yes. This behavior is important to increase adoption, and is a similar compromise to the one that allowed the HTTP => HTTPS transition. Once encrypted email is normalized we can tighten the screws.

> I know that sounds rude or dismissive, but the situation is completely terrible and there’s no real political will to fix it. And you *need* political will to fix it.

You point out that email encryption is a political problem. The folks at Proton are aware of that and are actively working to solve that problem. Part of the solution requires having a simple thing you can point people to that they can use to encrypt their emails with no fuss, even if that thing isn't perfect.

2. Grisu_+yYe 2026-01-09 05:28:47
>>wasmpe+3jb
I don't know why, but I can't trust ProtonMail.

Every time I see them mentioned I get this "Something is fishy with them" feeling.
