Should also be accessible via :setup-pgp
so that existing users can do it easily. Should give you the option of importing from gpg or to generate a new PGP key.
This should be one of the first steps so that we can encrypt the mailbox password with the GPG private key and not store it in plaintext if the user accepts.