Google announced on Friday that it's adding end-to-end encryption (E2EE) to Gmail on the web, allowing enrolled Google Workspace users to send and receive encrypted emails within and outside their domain.
@dcontesti wrote: Google announced on Friday that it's adding end-to-end encryption (E2EE) to Gmail on the web, allowing enrolled Google Workspace users to send and receive encrypted emails within and outside their domain.
The "outside their domain" part would seem to require the footnote "provided that the domain uses Gmail" unless I am missing something. Basically, Gmail is managing keys for their users, allowing people to seamlessly encrypt (using public keys) and Gmail users to decrypt using private keys. I suppose they could have a BYOK (bring your own keys) option. Overall, it is a great business strategy, as now to "securely" email you will have to be part of the Google ecosystem. From a security standpoint, Gmail probably has the best chance at getting people to finally adopt encryption for email even though we have had options for a good 30 years now.
But not for the general public individual Gmail subscribers, only for enterprise managed accounts.
@JoePete wrote: The "outside their domain" part would seem to require the footnote "provided that the domain uses Gmail" unless I am missing something.
No clue how Gmail implements this, but one way I have seen is to email a link that the "outside the domain user" can click to retrieve the actual message (after authenticating to Google's satisfaction). My doctor's office does this. Horrendously bad UX and they can't quite understand how someone that is as techie as me does "not have an email address".
"Security" features should not be optional extra-cost add-ons.