GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE

  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Conversation

Notices

  1. Embed this notice
    Dan Goodin (dangoodin@infosec.exchange)'s status on Wednesday, 02-Apr-2025 03:05:38 JST Dan Goodin Dan Goodin

    Can anyone with deep knowledge of end-to-end encryption help me unpack Google's new E2EE offering for Workspace users?

    First of all, how is it true E2EE if it's using Google's Client Side Encryption?

    Second, how does it work? Sounds like organization stores keys in a cloud service, and when an employee in said organization wants to send an encrypted email, their browser downloads a public key from the cloud service, encrypts the message, and then it's sent to the recipient. Am I right so far?

    It's not clear to me how the message gets decrypted on the other side. Is it decrypted on Google's server, in the recipient's browser or email client, something else?

    All in all, how useful will this be to organizations? And might there be a way for individuals to use it someday?

    TIA.

    https://workspace.google.com/blog/identity-and-security/gmail-easy-end-to-end-encryption-all-businesses

    In conversation about 2 months ago from infosec.exchange permalink
    • Embed this notice
      Ryan Castellucci :nonbinary_flag: (ryanc@infosec.exchange)'s status on Wednesday, 02-Apr-2025 03:06:43 JST Ryan Castellucci :nonbinary_flag: Ryan Castellucci :nonbinary_flag:
      in reply to

      @dangoodin I've dropped this into a den of cryptographers for you.

      In conversation about 2 months ago permalink
    • Embed this notice
      Greg Slepak (taoeffect@crib.social)'s status on Wednesday, 02-Apr-2025 03:44:45 JST Greg Slepak Greg Slepak
      in reply to

      @dangoodin They explicitly say they are stored on their servers AFAICT. From that link:

      In conversation about 2 months ago permalink

      Attachments


      1. https://crib.social/media/df/58/4b/df584b2d120a54f7ad54010f6e3d597f160ee3e22ebf6af4c1d642048d0d66ef.jpg
    • Embed this notice
      Greg Slepak (taoeffect@crib.social)'s status on Wednesday, 02-Apr-2025 03:44:46 JST Greg Slepak Greg Slepak
      in reply to

      @dangoodin quickly skimmed, the "CSE" seems to just be storing keys on their server. you grab the keys from their server and decrypt the message. it's not E2EE.

      In conversation about 2 months ago permalink
    • Embed this notice
      Dan Goodin (dangoodin@infosec.exchange)'s status on Wednesday, 02-Apr-2025 03:44:46 JST Dan Goodin Dan Goodin
      in reply to
      • Greg Slepak

      @taoeffect

      Google specifically says keys are not stored on their server.

      https://support.google.com/a/answer/14328489#zippy=%2Chow-is-cse-different-from-end-to-end-ee-encryption%2Chow-do-users-encrypt-data-using-cse%2Care-there-any-limitations-for-users-when-using-cse%2Cwhich-partner-key-management-services-can-i-use-with-cse%2Ccan-i-use-google-as-my-key-management-service%2Ccan-i-use-multiple-key-services%2Ccan-i-use-smart-cards-with-cse%2Ccan-i-use-both-a-key-service-and-hardware-encryption-keys-for-gmail

      In conversation about 2 months ago permalink
      scriptjunkie repeated this.

Feeds

  • Activity Streams
  • RSS 2.0
  • Atom
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.