Regarding PGP being used between 2 providers, eg Google and Proton, what prevents Google from viewing the messages client side after they’ve been decrypted?
Regarding PGP being used between 2 providers, eg Google and Proton, what prevents Google from viewing the messages client side after they’ve been decrypted?
If you’re using a third-party email client, but using a gmail email address, then PGP would stop Google from reading your emails (assuming the private keys aren’t compromised).
If you’re using their email client, then nothing stops them from decrypting your emails if they really wanted to. IIRC, gmail doesn’t natively support PGP anyways though, so you’d have to use a third-party client.
Thank you. This was my understanding too.
There are extensions that let you encrypt/decrypt messages right in your Gmail inbox. I’m not sure whether that would let Google grab the decrypted messages using JavaScript, though.