OpenPGP implementation for webmail encryption
The idea of being able to encrypt and decrypt their email correspondence might appeal to a lot of users, but not all of them are technically savvy enough to implement solutions such as PGP (Pretty Good Privacy) on their computers.
But, researchers from security firm Recurity Labs might have come up with a rather helpful (if still not a completely foolproof) solution to that problem.
Created by a group of researchers from security company Recurity Labs, this prototype is currently only available as an extension for the Chrome browser, but if we consider its name, extensions for other popular browsers might not be far behind.
According to the researchers, the prototype for now allows only the encryption and description of messages, the signing and verifying of message signatures, and the importing and exporting of certificates. It supports all asymmetric, symmetric ciphers (except IDEA) and hash functions specified in the OpenPGP standard.
Currently unavailable is the generation, manipulation or creation of signatures on keys, the use of several signature types on keys, the encryption of messages with only a symmetric cypher and the compression of data packets.
In short, it seems that for now the browser extension can come in hand only to users who want to use it on their own computers, and only if they are sure they haven’t been compromised in any way. Adding it to a browser on public or unfamiliar computers should be out of the question, and this fact limits severely its use.
The code of the implementation has been released under the GNU Lesser Public License, and it is available here.