Like most large corporations I have a love/hate relationship with Google. The company’s practices as far as selling customer data disturb me but it releases a large number of really good products. Last week Google announced an alpha release of an alpha version of a Chrome extension that is meant to make e-mail encryption easier:
Developers at Google have released an experimental tool—for Gmail and other Web-based services—that’s designed to streamline the highly cumbersome task of sending and receiving strongly encrypted e-mail.
On Tuesday, the company unveiled highly unstable “alpha” code that in theory allows people to use the Google Chrome browser to generate encryption keys, encrypt e-mails sent to others, and decrypt received e-mails. Dubbed End-to-End, the Chrome extension also allows Chrome users to digitally sign and verify digital signatures of e-mails sent through Gmail and other services. The code implements a fully compliant version of the OpenPGP standard, which is widely regarded as providing virtually uncrackable encryption when carried out correctly.
OpenPGP is a great tool for communicating securely over e-mail. However using OpenPGP can be difficult for newcomers as it requires some technical knowledge. I haven’t had a chance to play with this extension yet but if it makes using OpenPGP with popular webmail providers it could be significant. Key management has traditionally been the biggest hurdle for newcomers to OpenPGP and if this extension can help make that easier it will really boost OpenPGP’s ease of use.