Submitted by psychothumbs t3_zp40e0 in technology
ColgateSensifoam t1_j0s3bn7 wrote
Reply to comment by resisting_a_rest in Google introduces end-to-end encryption for Gmail on the web by psychothumbs
You're describing PGP key repositories
Very few people actually use PGP unfortunately
resisting_a_rest t1_j0s6zf5 wrote
Maybe because no popular web based email services support it (or if they do, do not advertise it)?
Gmail, for instance, could easily allow you to enter your public key and then advertise it on a public repository, then have you enter your private key and store it locally (not transmit it to the server). I guess you'd have to trust Google with that though.
But then whenever you press send to send an email, it would check the repository and if that email has a public key, if so, encrypt the message and send it (otherwise just send it in the clear). For incoming messages, just automatically detect if it is encrypted, and then use your private key to decrypt it and display it. It would be pretty much transparent once you supplied Gmail with your private and public keys.
Epistaxis t1_j0tk95w wrote
Why would a popular, i.e. free, web-based email service offer an option that prevents the provider from seeing your messages? That's the whole business model.
resisting_a_rest t1_j0tnb4u wrote
You're right, but it doesn't have to be for all emails, just have the option to send certain emails encrypted using "the standard" for sending encrypted email.
But again, yes, there is a big incentive to not have this feature.
edman007 t1_j0sy2at wrote
S/mime works better honestly..we use that where I work. But it's hard getting people to set it up, and certs are a little more difficult to generate.q
Viewing a single comment thread. View all comments