To me this looks strictly worse than if they just used s/mime with some magic to integrate in the Gmail client for ux.
As I read it[1] - Gmail users are given a hidden s/mime key pair, possibly with secret key stored in a hw token/on device.
I can only assume that when mailing an external user without guest/Gmail account, Gmail will generate a (temporary?) key pair for the recipient, encrypt the message under temporary public key of the recipient - then when recipient creates the guest account - either generate a new key pair and re-encrypt or assign the key pair held for the user? To allow Gmail to decrypt the mail in the browser? As well as implicitly trust the sender key for verification?
I struggle to see how this is e2e in any meaningful sense?
When I log into a public terminal at my library - how will the browser access my keys?
To me this looks strictly worse than if they just used s/mime with some magic to integrate in the Gmail client for ux.
As I read it[1] - Gmail users are given a hidden s/mime key pair, possibly with secret key stored in a hw token/on device.
I can only assume that when mailing an external user without guest/Gmail account, Gmail will generate a (temporary?) key pair for the recipient, encrypt the message under temporary public key of the recipient - then when recipient creates the guest account - either generate a new key pair and re-encrypt or assign the key pair held for the user? To allow Gmail to decrypt the mail in the browser? As well as implicitly trust the sender key for verification?
I struggle to see how this is e2e in any meaningful sense?
When I log into a public terminal at my library - how will the browser access my keys?
[1] https://support.google.com/mail/answer/13317990?sjid=1138879...