Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://infosec.exchange/users/dangoodin/statuses/114264017731362869">Dan Goodin (dangoodin@infosec.exchange)'s status on Wednesday, 02-Apr-2025 03:05:38 JST</a><a href="https://infosec.exchange/@dangoodin" title="dangoodin@infosec.exchange"><img src="https://gnusocial.jp/avatar/92418-48-20240105201020.webp" width="48" height="48" alt="Dan Goodin" style="position: absolute; left: 0; top: 0;">Dan Goodin</a></section><article><p>Can anyone with deep knowledge of end-to-end encryption help me unpack Google's new E2EE offering for Workspace users?</p><p>First of all, how is it true E2EE if it's using Google's Client Side Encryption? </p><p>Second, how does it work? Sounds like organization stores keys in a cloud service, and when an employee in said organization wants to send an encrypted email, their browser downloads a public key from the cloud service, encrypts the message, and then it's sent to the recipient. Am I right so far?</p><p>It's not clear to me how the message gets decrypted on the other side. Is it decrypted on Google's server, in the recipient's browser or email client, something else?</p><p>All in all, how useful will this be to organizations? And might there be a way for individuals to use it someday?</p><p>TIA.</p><p><a href="https://workspace.google.com/blog/identity-and-security/gmail-easy-end-to-end-encryption-all-businesses" rel="nofollow">https://workspace.google.com/blog/identity-and-security/gmail-easy-end-to-end-encryption-all-businesses</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4828186#notice-9456088">In conversation</a><time datetime="2025-04-02T03:05:38+09:00" title="Wednesday, 02-Apr-2025 03:05:38 JST">about 3 days ago</time> <span>from <span><a href="https://infosec.exchange/@dangoodin/114264017731362869" rel="external" title="Sent from infosec.exchange via ActivityPub">infosec.exchange</a></span></span><a href="https://infosec.exchange/@dangoodin/114264017731362869">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
Dan Goodin (dangoodin@infosec.exchange)'s status on Wednesday, 02-Apr-2025 03:05:38 JST Dan Goodin
Can anyone with deep knowledge of end-to-end encryption help me unpack Google's new E2EE offering for Workspace users?
First of all, how is it true E2EE if it's using Google's Client Side Encryption?
Second, how does it work? Sounds like organization stores keys in a cloud service, and when an employee in said organization wants to send an encrypted email, their browser downloads a public key from the cloud service, encrypts the message, and then it's sent to the recipient. Am I right so far?
It's not clear to me how the message gets decrypted on the other side. Is it decrypted on Google's server, in the recipient's browser or email client, something else?
All in all, how useful will this be to organizations? And might there be a way for individuals to use it someday?
TIA.
https://workspace.google.com/blog/identity-and-security/gmail-easy-end-to-end-encryption-all-businesses
In conversationabout 3 days ago from infosec.exchangepermalink

Public

Embed Notice

HTML Code

Corresponding Notice