New extension suggestion: OpenPGP support in the browser
112 views
Skip to first unread message
Ryan Delaney
Nov 9, 2010, 1:52:05 PM11/9/10
to Chromium-extensions
Over at the help forum for Google Chrome, Len Sassaman made the
following post a few months back: http://goo.gl/T8NaE
>Instead of having to rely on a third-party, plugin-driven interface like Firefox must to provide OpenPGP encryption for Gmail with the
>FireGPG plugin, Chrome could implement OpenPGP for Gmail natively in the browser, utilizing the browser's security model to achieve
>a higher degree of confidence in the system and a better UX.
>
>I'm a former member of the PGP Security engineering team, and I have an implementation of OpenPGP in C that could be reused to
>some extent (BSD-equiv. license). Or I could help advise on implementation from scratch; I'm fairly proud of the RFC's readability and
>implementor-oriented focus, which makes OpenPGP implementation a comparatively smooth process (as opposed to S/MIME or X.509
>in general.) If this strike's anyone's fancy on the Chrome team, please feel free to contact me.B
>
>Best,Len
I did a search for OpenPGP and PGP and found nothing here, and I can't
find any evidence that PGP extensions exist or are in development for
Chrom(ium). I don't know whether Len Sassaman could contacted or
recruited still, but filling the gap in email security in GMail is
something Google toyed with and eventually abandoned (http://goo.gl/
VqG7), it sounds like Google Chrome could fill the shoes left by
FireGPG with web-based PGP support in Gmail (and possibly others).
Is this feasible? My understanding is that US export restrictions are
no longer at issue when it comes to PGP.
Ryan
following post a few months back: http://goo.gl/T8NaE
>Instead of having to rely on a third-party, plugin-driven interface like Firefox must to provide OpenPGP encryption for Gmail with the
>FireGPG plugin, Chrome could implement OpenPGP for Gmail natively in the browser, utilizing the browser's security model to achieve
>a higher degree of confidence in the system and a better UX.
>
>I'm a former member of the PGP Security engineering team, and I have an implementation of OpenPGP in C that could be reused to
>some extent (BSD-equiv. license). Or I could help advise on implementation from scratch; I'm fairly proud of the RFC's readability and
>implementor-oriented focus, which makes OpenPGP implementation a comparatively smooth process (as opposed to S/MIME or X.509
>in general.) If this strike's anyone's fancy on the Chrome team, please feel free to contact me.B
>
>Best,Len
I did a search for OpenPGP and PGP and found nothing here, and I can't
find any evidence that PGP extensions exist or are in development for
Chrom(ium). I don't know whether Len Sassaman could contacted or
recruited still, but filling the gap in email security in GMail is
something Google toyed with and eventually abandoned (http://goo.gl/
VqG7), it sounds like Google Chrome could fill the shoes left by
FireGPG with web-based PGP support in Gmail (and possibly others).
Is this feasible? My understanding is that US export restrictions are
no longer at issue when it comes to PGP.
Ryan
Arne Roomann-Kurrik
Nov 9, 2010, 5:29:23 PM11/9/10
to Ryan Delaney, Chromium-extensions
From a technical point of view, this seems feasible for an NPAPI extension to do, especially if the library is written in C - it's probably just a matter of someone taking the initiative to package/wire everything up.
I won't comment nor speculate on export restrictions - consult a lawyer.
~Arne
--
You received this message because you are subscribed to the Google Groups "Chromium-extensions" group.
To post to this group, send email to chromium-...@chromium.org.
To unsubscribe from this group, send email to chromium-extens...@chromium.org.
For more options, visit this group at http://groups.google.com/a/chromium.org/group/chromium-extensions/?hl=en.
Ryan Delaney
Nov 10, 2010, 11:45:10 AM11/10/10
to Chromium-extensions
Fair enough. For my part, what I have in motivation I lack in
technical know-how. So it seems that the issue is finding someone who
wants to take the initiative to package/wire everything up. Do you
know anyone? ;)
Ryan
On Nov 9, 2:29 pm, Arne Roomann-Kurrik <kur...@chromium.org> wrote:
> From a technical point of view, this seems feasible for an NPAPI extension
> to do, especially if the library is written in C - it's probably just a
> matter of someone taking the initiative to package/wire everything up.
>
> I won't comment nor speculate on export restrictions - consult a lawyer.
>
> ~Arne
>
> > To post to this group, send email to chromium-extensi...@chromium.org.
> > .
technical know-how. So it seems that the issue is finding someone who
wants to take the initiative to package/wire everything up. Do you
know anyone? ;)
Ryan
On Nov 9, 2:29 pm, Arne Roomann-Kurrik <kur...@chromium.org> wrote:
> From a technical point of view, this seems feasible for an NPAPI extension
> to do, especially if the library is written in C - it's probably just a
> matter of someone taking the initiative to package/wire everything up.
>
> I won't comment nor speculate on export restrictions - consult a lawyer.
>
> ~Arne
>
> > To unsubscribe from this group, send email to
> > chromium-extensions+unsubscr...@chromium.org<chromium-extensions%2Bunsubscr...@chromium.org>
> > .
Arne Roomann-Kurrik
Nov 10, 2010, 1:07:08 PM11/10/10
to Ryan Delaney, Chromium-extensions
Not off the top of my head, but there may be someone on this list :)
~Arne
To post to this group, send email to chromium-...@chromium.org.
To unsubscribe from this group, send email to chromium-extens...@chromium.org.
Reply all
Reply to author
Forward
0 new messages