Google Hands Over Email Encryption App to Community

27.2.2017 securityweek Krypto

Google announced last week that it has decided to hand over its E2EMail email encryption app to the community.

The tech giant first announced its End-to-End email encryption project in June 2014 and released its source code a few months later. The goal was to create a Chrome extension that would make it easier for less tech savvy people to encrypt their emails using the OpenPGP standard.

The End-to-End crypto library has been used for several projects, including E2EMail, a Gmail client that runs independently of the normal Gmail interface and allows users to send and receive encrypted emails.

The E2EMail source code has been available on GitHub for the past year and it has received contributions from several security engineers. The search giant has now announced that E2EMail is not a Google product and instead it has become a “fully community-driven open source project.”

Since a long time has passed and a Chrome extension is still not ready for general use, some believe this may actually be Google’s way of saying that it has abandoned the project, especially since no changes have been made to the code in the past months.

On the other hand, Google did say that it is looking forward to working “alongside the community” to integrate E2EMail with other projects, such as the recently announced Key Transparency.

“E2EMail in its current incarnation uses a bare-bones central keyserver for testing, but the recent Key Transparency announcement is crucial to its further evolution,” Google employees said in a blog post. “Key discovery and distribution lie at the heart of the usability challenges that OpenPGP implementations have faced. Key Transparency delivers a solid, scalable, and thus practical solution, replacing the problematic web-of-trust model traditionally used with PGP.”