It's worth mentioning Mailvelope ( <a href="https://www.mailvelope.com/" rel="nofollow">https://www.mailvelope.com/</a> )<p>- Free
- Supported in FF / Chrome
- Supports Gmail, Yahoo, Outlook and GMX<p>I've been using it extensively for about 12 months now. It's solid, unobtrustive, and just .. works.<p>Decryption of attachments would be nice, but it's definitely not a deal breaker.
What is so terrible for people about using an email client? I find using the Gmail web interface to be frustrating because they've removed the ability to pop out the compose view into it's own window, so I can't easily reference information in another browser tab while writing an email for instance. Meanwhile, Gmail has excellent IMAP support, which lets me use Thunderbird + Enigmail to get excellent PGP support.
At the moment, I use the Mailvelope extension.<p><a href="https://www.mailvelope.com/" rel="nofollow">https://www.mailvelope.com/</a><p>Excellent in Chrome - a bit slow in Firefox.
FAQ is a bit confusing. They say there's only one keyring, but at <a href="https://github.com/google/end-to-end/wiki/Keyring" rel="nofollow">https://github.com/google/end-to-end/wiki/Keyring</a> they admit it was not a great idea and that they're splitting the responsibilities.<p>Based on the last planned implementation (External Key Manager (GnuPG bridge, other hardware, network oracle etc..)), I hope it will "just work" with hardware keys.
Good to see that E2E has been progressing, but I still wish we had a PFS alternative to PGP.<p>With today's hacks and the total state of surveillance in which we are in, it's a little crazy to expect people to use the same key 10+ years without it getting compromised. Even a year seems too much.
Does it use inline PGP or PGP/MIME?<p>(On an unrelated note, I wonder if there's anything on mobile that supports PGP/MIME. K-9 Mail only knows about inline.)
I tried to use gnupg but can't wrap my head around the web of trust. My main concern of WoT: What my signature of an other guy's public key actually means? My takeaway is that there is an implicit statement that you sign, but I don't really know what it is. According to the gnupg privacy handbook[1] this statement is roughly "I trust that this guy can properly sign other stuff" which is kind of recursive, but I like it.<p>But when you validate if a message is really written buy a guy named John Doe then the trust path doesn't actually verify this. The trust path verifies that this guy who claims to be John Doe is good at signing other guy's keys. I don't care about that at this point. Of course people don't actually think of the statement written in the privacy handbook, they implicitly sign the statement "I trust that this guy can properly trust other stuff <i>and</i> I know that this guy's name is what he currently has as an ID.". There are several problems with this in practice:<p>- Now you are signing two statements with one signature and you can't separate the two. Now using anonymous public keys becomes tricky as you lose one half of your statement.<p>- Signing the id happens at the wrong place. Malory can revoke her identity than push "Barack Obama" as her new id, now she can send messages in the name of the president. Of course in practice it's hard, because you can't delete revoked ids from key servers. But at this point you trust the key servers. I thought that key servers are not trusted part of PGP.<p>- gnupg guys advocate key signing parties: you gather at one place, bring your ID then sign each other's keys. The problem with this that you only verify half of your statement (id). The other half is tricky to verify (Can this guy properly protect his priv key? Will this guy just randomly sign everything he sees?), I think it makes more sense to trust a friend who you already know well. Of course there are trust levels and I think you should only use marginal trust at these parties, however I don't know what's the practice.<p>- There are keys that are not tied to people, they are typically tied to software packages. Now what does it mean when someone signs such a key? Take putty as an example. Its master key is signed by several people. Each signature could mean that "this is the putty project's master key that is used to sign the binaries themselves" which can be verified by the given guy knowing the developer and that he is trustworthy (at this point PGP is misused though, the guy should have signed the developer's key instead and only the developer should sign the binary signing key, but it would make trust paths longer). It could also mean that "I trust that PuTTY is a great software and doesn't do anything nasty behind your back" which requires an entirely different verification.<p>In the end the trust path a way too simplified projection of these statements and most likely you can't actually verify the statement that you care about.<p>[1] <a href="https://www.gnupg.org/gph/en/manual.html#AEN282" rel="nofollow">https://www.gnupg.org/gph/en/manual.html#AEN282</a>