You guys are clearly experts in this stuff and I have no qualifications to judge on how good, bad or indifferent these guidelines are, I am just Joe Average end user who reads too many New York Times and Guardian articles.
It just doesn't sit right with me that an organisation that has no interest whatsoever in promoting secure systems that it then cannot infiltrate would issue such self defeating guidelines. Think about that for a moment, they spend millions trying to break various levels of RSA encryption, only on the other hand, showing their charitable side, they issue security guidelines that prevent them from doing their job.
Do you think Lavabit or Silent Circle used NSA recommended guidelines? Methinks not.....and they paid the ultimate price for not allowing the NSA access to their systems or the data therein.
But then...maybe I should stop reading the NYT, or the Guardian...or the Washington Post, the Economist...or any other decent and respected newspaper.