

Gmail is getting PGP Signatures (Feb 2009) - graywh
http://www.paulspoerry.com/2009/02/13/gmail-is-getting-pgp-signatures/

======
koanarc
Over a year ago they were experimenting with this, and still no results? Not
very encouraging. Has anyone since seen any evidence of further developments
in this area? I've never noticed these features when receiving signed mail.

I had always hoped that gmail would popularize PGP signatures, if not
integrate outright encryption (PGP has been implemented in JavaScript plenty
of times -- right up Chrome's alley).

I'm sure there are all kinds of legal implications for Google to consider
(disabling features for users in countries where crypto is illegal/more
strongly regulated, places it would be illegal to "export" to, etc), not to
mention the fact that encrypted mail would preclude targeted advertising, but
email and crypto go together like PB&J. HTTPS enabled by default was a step in
the right direction (and it certainly took them long enough), but signature
support seems terribly overdue, to me.

~~~
jff
Letting Google manage your secret key kind of defeats the purpose, doesn't it?

~~~
koanarc
Absolutely, but I don't see why it couldn't still manage public keys for
verifying signatures and encrypting outgoing mail.

Your private key could still be handled locally. Hell, even if they left
signing and decryption (the parts you'd need your private key for) entirely up
to the browser or plugins or a full-blown mail client, you could still verify
signed mail that you'd received and send out encrypted mail from within
Gmail's interface. That alone could go a long way towards encouraging
cryptography beyond the security-conscious crowd. At the very least, it
spreads awareness.

EDIT: Also, as far as my more unimportant emails are concerned, I'd rather
have them bouncing around the internet encrypted by a compromised/throw-away
key (i.e., one that Google has access to) than not encrypted at all. But in
common use, yeah, the illusion of security would be worse than no security at
all.

