Submitted by psychothumbs t3_zp40e0 in technology
beef-o-lipso t1_j0r0f3r wrote
Reply to comment by The-Brit in Google introduces end-to-end encryption for Gmail on the web by psychothumbs
Pretty sure CSE is limited to the paid Gmail for business and not the free consumer Gmail.
Businesses use key escrow so that they can recover emails sent through their system. Usually for things like recovery of data, or to comply with regatory requirements such as the US SEC requiring covered financial companies storing all communications.
Businesses doing key escrow should be storing only the keys used for encryption and not the private keys for signing emails and other things.
cowmonaut t1_j0r334h wrote
You are correct, CSE is a feature of Enterprise/Education versions of Gmail.
Pomnom t1_j0smyhr wrote
That's no difference than current situation? Assuming that google encrypt all Gmail data anyway and the key is accessible to the org administrator should they ever need to assess the emails
Viewing a single comment thread. View all comments