Submitted by psychothumbs t3_zp40e0 in technology
ColgateSensifoam t1_j0s3e0a wrote
Reply to comment by Bierbart12 in Google introduces end-to-end encryption for Gmail on the web by psychothumbs
Email is rarely authenticated, let alone encrypted
edman007 t1_j0sxuio wrote
Nah, it's mostly encrypted now. The issue is the way the encryption works they can't use the key the server sent it with in the client. The receiving sercyer has to have key.
If you want end to end encryption you need to use PGP or s/mime
uzlonewolf t1_j0suw6z wrote
Eh, the connections to and between servers are usually encrypted with TLS, just like websites, so it's not like it's completely plain-text either.
alphafalcon t1_j0tsk7q wrote
Yeah, usually... But the default fallback mechanism for "I can't connect via TLS/the certificate doesn't match/is expired/something is wrong" is either to ignore the invalid certificate or fall back to plain text.
It's better that directly sending plaintext but only marginally.
Viewing a single comment thread. View all comments