7 comments

[ 8.9 ms ] story [ 28.6 ms ] thread
Over a year ago they were experimenting with this, and still no results? Not very encouraging. Has anyone since seen any evidence of further developments in this area? I've never noticed these features when receiving signed mail.

I had always hoped that gmail would popularize PGP signatures, if not integrate outright encryption (PGP has been implemented in JavaScript plenty of times -- right up Chrome's alley).

I'm sure there are all kinds of legal implications for Google to consider (disabling features for users in countries where crypto is illegal/more strongly regulated, places it would be illegal to "export" to, etc), not to mention the fact that encrypted mail would preclude targeted advertising, but email and crypto go together like PB&J. HTTPS enabled by default was a step in the right direction (and it certainly took them long enough), but signature support seems terribly overdue, to me.

Letting Google manage your secret key kind of defeats the purpose, doesn't it?
(comment deleted)
Absolutely, but I don't see why it couldn't still manage public keys for verifying signatures and encrypting outgoing mail.

Your private key could still be handled locally. Hell, even if they left signing and decryption (the parts you'd need your private key for) entirely up to the browser or plugins or a full-blown mail client, you could still verify signed mail that you'd received and send out encrypted mail from within Gmail's interface. That alone could go a long way towards encouraging cryptography beyond the security-conscious crowd. At the very least, it spreads awareness.

EDIT: Also, as far as my more unimportant emails are concerned, I'd rather have them bouncing around the internet encrypted by a compromised/throw-away key (i.e., one that Google has access to) than not encrypted at all. But in common use, yeah, the illusion of security would be worse than no security at all.

No, you would need to manage your own secret key. That's why it's hard for most people to use in practice.
Just adding support isn't going to popularize PGP. Every major IMAP client supports S/MIME, but few people use it. Usability is still a key barrier. Read "Why Johnny Can't Encrypt": http://gaudior.net/alma/johnny.pdf

Users must generate their private keys themselves and must get a CA or a web of trust to issue certificates for those keys. Then they must keep their keys safe and install them on any device they want to check email from. If one of those machines is compromised, then the user must revoke their certificates and start again.

You need an PKI or web of trust, and a minimal level of expertise to make this work. I don't think widespread adoption of email encryption will happen unless its invisible to the user.

Thanks for the PDF, looks like a good read.

First let me disclaim that I am by no means a crypto expert, and perhaps I am actually way off base here.

I'm not suggesting that Gmail could revolutionize popular use of encryption overnight. What I AM suggesting is that by storing and making it simple to send and receive public keys, Gmail could very easily and transparently facilitate the growth of such webs of trust. Simple example (what TFA seemed to be):

1) Alice, a crypto-savvy non-gmail user, sends Bob, a non-crypto-savvy gmail user, her public key. (Or, better, Alice gives Bob a thumbdrive with her public key on it for upload to Gmail.) 2) Gmail stores it. 3) Alice later sends signed mail to Bob. 4) Gmail verifies it, and prominently notifies Bob whether it is a valid or invalid signature. Perhaps it even presents a link for Bob to learn more about how it knows this, and how his mail from Alice is different from un-signed mail.

So with extremely little forced interaction on Bob's part (nothing to install, nothing much to learn, no key generation), there is now some added security between the two of them, even if it is unidirectional. From this point, Bob could then quickly learn enough to be able to encrypt the email that he sends to Alice from within Gmail, and Alice, using PGP in her mail client, would be able to decrypt it.

It certainly doesn't cover every angle, but it would improve relative security and it would allow those who ARE familiar and experienced with public-key cryptography to bring up basic concepts with their friends/family/coworkers (among the ~150 million monthly Gmail users, anyway).

Edit: wonky formatting