cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
dcontesti
Community Champion

Google introduces End to End Encryption on GMAIL

Google announced on Friday that it's adding end-to-end encryption (E2EE) to Gmail on the web, allowing enrolled Google Workspace users to send and receive encrypted emails within and outside their domain. 

 

https://www.bleepingcomputer.com/news/security/google-introduces-end-to-end-encryption-for-gmail-on-...

 

4 Replies
JoePete
Advocate I


@dcontesti wrote:

Google announced on Friday that it's adding end-to-end encryption (E2EE) to Gmail on the web, allowing enrolled Google Workspace users to send and receive encrypted emails within and outside their domain. 

 


The "outside their domain" part would seem to require the footnote "provided that the domain uses Gmail"  unless I am missing something. Basically, Gmail is managing keys for their users, allowing people to seamlessly encrypt (using public keys) and Gmail users to decrypt using private keys. I suppose they could have BYOK (bring your own keys) option. Overall, it is a great business strategy as now to "securely" email you will have to be part of the Google ecosystem. From a security standpoint, Gmail probably has the best chance at getting people to finally adopt encryption for email even though we have had options for a good 30 years now. 

CraginS
Defender I

But not for the general public individual GMail subscribers, only for enterprise managed accounts.

 

D. Cragin Shelton, DSc
Dr.Cragin@iCloud.com
My Blog
My LinkeDin Profile
My Community Posts
denbesten
Community Champion


@JoePete wrote:

The "outside their domain" part would seem to require the footnote "provided that the domain uses Gmail"  unless I am missing something.


No clue how Gmail implements this, but one way I have seen is to email a link that the "outside the domain user" can click to retrieve the actual message (after authenticating to Google's satisfaction).  My doctor's office does this.  Horrendously bad UX and they can't quite understand how someone that is as techie as me does "not have an email address".

denbesten
Community Champion

"Security" features should not be optional extra-cost add-ons.