Don't know what DRM has to do with cryptography but ok, the others are more general, like locking the device which could be taken as part of the whole cryptography issue.
The issue with people not knowing, call it "Security Suite" give a short description what will be secured and what it means to in general and provide it with a red pill mode for advanced users, but blue pill should be all with default settings dev team thinks are useful. With that you will get most people to secure at least some of their private data.

Actualy I care less about those Joes! If someone say he doesnt care that much why should I? I care about those Joes who would like to use cryptography and have no clue how to do that as they are used to deal with menu-overloaded-mouse-only-GUIs from windows and KDE. They get stuck with creating a GnuPG keypair in a terminal and gave up after 10 minutes because they thought they'd never understand and a cheap GUI wasnt any help either.

I'm not a developer yet and far away from doing this kind of stuff from scratch. EasyCrypt looks like a start but more important is the modest mime extension to me and others. The name is already telling and getting the GUI slowly extended to handle GPG PGP keys, then integrating with the system to encrypt calendar etc. would be an idea.
the device lock stuff is already in my primary solution

As a first step, could the basic tools be made available together with a how-to suitable for the average joe like me who doesn't mind using the CLI if given clear instructions?

I'd like to see gpg and a truecrypt port, even with no GUIs.

And what about using a key stored on other media? I guess having my key on a USB stick would be one option.

GnuPG is preinstalled out of the box and fairly complete:

I think it wouldn't, since the N900 supposedly doesn't support USB Host.

Edit: Assuming you're actually talking about the N900, of course.

Thanks. Yes, talking about N900.

I tried to change the thread's name and it is showing the changed name to me when I edit the main post but it doesnt for anything else. Some of the Mods might wanna fix/change this, its Cryptography instead of Encryption, please.

On TrueCrypt there is another thread here:
http://talk.maemo.org/showthread.php?t=38536

I am not realy impressed yet as there is nothing showing up in extras and nothing from this brainstorm was looked at...

at least REMFwhoopitydo will be happy now

has anyone tried to encrypt the whole folder where personal settings are stored? (contacts, PINs, calendars, etc)? Or, is it feasible?

Actually a proper login screen and encrypt the whole privacy tops would be first choice. I did not have a look yet for anything of the issues as my first look would go for real multi user environment and that would mean to have all things moved to ~/ instead of somewhere else. Long way to walk I guess.