Today, the two German telecom providers Deutsche Telekom and United Internet (1und1, Web.de, GMX.de) announced to provide end-to-end encryption for users of De-Mail. The Mailvelope browser extension will be integrated into the De-Mail webmail client and be used for all PGP related encryption services. In the last months we have worked together with 1und1 and Deutsche Telekom on this integration to improve the usability of PGP in a webmail environment and at the same time enforcing strong boundaries between browser extension and De-Mail web server.
The Mailvelope browser extension is available for Google Chrome since 2012. In its current mode of operation PGP capabilities are added to the frontend of supported webmail providers. The advantage of this approach is that all encryption relevant services and the key storage are encapsulated in a locally installed browser extension which is isolated from the webmail client.
To integrate with the De-Mail system Mailvelope developed a client API that further improves usability and adds features like encrypted attachments. Mailvelope's secured user interface components can be seamlessly embedded into web applications. The API is open, documented and available for review in our GitHub repository.
We are excited to partner with the DE-Mail alliance and bring end-to-end encryption to a wider audience.