Viewing a single comment thread. View all comments

t1_j0r0f3r wrote

Pretty sure CSE is limited to the paid Gmail for business and not the free consumer Gmail.

Businesses use key escrow so that they can recover emails sent through their system. Usually for things like recovery of data, or to comply with regatory requirements such as the US SEC requiring covered financial companies storing all communications.

Businesses doing key escrow should be storing only the keys used for encryption and not the private keys for signing emails and other things.

81

t1_j0r334h wrote

You are correct, CSE is a feature of Enterprise/Education versions of Gmail.

31

t1_j0smyhr wrote

That's no difference than current situation? Assuming that google encrypt all Gmail data anyway and the key is accessible to the org administrator should they ever need to assess the emails

3