Google, trying to live up to their old “Don’t be evil” slogan, recently announced that they’re working on an end-to-end email encryption extension for the Chrome browser. And they’re not doing anything weird or proprietary; they’re building an implementation of PGP, in JavaScript.
If you’re old enough to remember the nonsense we had to go through to legally export PGP in the mid-90s, this is somewhere between amusing and amazing.
Anyway, if you found this blog, you probably know enough to build it yourself from the Google-provided source. I briefly toyed with the notion of having a pre-built copy here, but if you aren’t going through the Chrome app store, the process of installing a third-party extension is probably more complicated than building it in the first place.
Random Comments
- It’s a Chrome browser plugin, but at least Chrome is pretty widely available.
- No connections to any of the public keyservers. So, no connectivity to the pre-existing PGP trust infrastructure. You have to find the public key for a recipient somewhere on your own, and add it to the E2E keyring yourself.
- The interface is kinda clumsy, and involves cutting-and-pasting your messages from your email window (probably in a browser, but not necessarily) into an odd-looking browser pop-up window and back.
- Something about not having a long secure passphrase just feels… weird