The End-to-End crypto library is a core component of several projects of the IT giant such as the E2EMail, a Chrome app that runs independent of the normal Gmail web interface and allows non-technical users to exchange encrypted text mail over Gmail.
In the past, Google shared the E2EMail source code in order to receive the contributions from several security communities. Now Google has now announced that the same project is no more a Google product, instead, it has become a “fully community-driven open source project.”
The decision is probably motivated by the consideration that no one since now has developed a Chrome extension for E2EMail.
“E2EMail is not a Google product, it’s now a fully community-driven open source project, to which passionate security engineers from across the industry have already contributed.” reads the blog post published by Google.
“E2EMail offers one approach to integrating OpenPGP into Gmail via a Chrome Extension, with improved usability, and while carefully keeping all cleartext of the message body exclusively on the client. E2EMail is built on a proven, open source Javascript crypto library developed at Google.”
Google is looking forward to receive the support of the security community to integrate E2EMail with other projects.
“E2EMail in its current incarnation uses a bare-bones central keyserver for testing, but the recent Key Transparency announcement is crucial to its further evolution,” continues the post. “Key discovery and distribution lie at the heart of the usability challenges that OpenPGP implementations have faced. Key Transparency delivers a solid, scalable, and thus practical solution, replacing the problematic web-of-trust model traditionally used with PGP.”
[adrotate banner=”9″]
(Security Affairs – Google, encryption)