PGP encryption is one of the most frequently requested features for Roundcube and for good reasons more and more people start caring about end-to-end encryption in their everyday communication. But unfortunately webmail applications currently can’t fully participate in this game and doing PGP encryption right in web-based applications isn’t a simple task. Although there are ways and even some basic implementations, all of them have their pros and cons. And yet the ultimate solution is still missing.
Browser extensions to the rescue
In our opinion, the way to go is with a browser extension to do the important work and guard the keys. A crucial point is to keep the encryption component under the user’s full control which in the browser and http world can only be provided with a native browser plugin. And the good news is, there are working extensions available today. The most prominent one probably is Mailvelope which detects encrypted message bodies in various webmail applications and also hooks into the message composition to send signed and encrypted email messages with your favorite webmail app. Plus another very promising tool for end-to-end encryption is coming our way: p≡p. A browser extension is at least planned in the longer term. And even Google just started their own project with the recently announced end-to-end Chrome extension.
That’s a good start indeed. However, the encryption capabilities of those extensions only cover the message body but leave out attachments or even pgp/mime messages. Mostly because there extension has limited knowledge about webmail app and there’s no interaction between the web app and the extension. On the other side, the webmail app isn’t aware of the encryption features available in the user’s browser and therefore suppresses certain parts of a message like signatures. A direct interaction between the webmail and the encryption extension could help adding the missing pieces like encrypted attachment upload and message signing. All we need to do is to introduce the two components to each others.
From the webmail developer’s perspective
So here’s a loose list of functionality we’d like to see exposed by an encryption browser extension and which we believe would contribute to an integrated solution for secure emailing.
A global (
window.encryption-style) object providing functions to:
- List of supported encryption technologies (pgp, s/mime)
- Switch to manual mode (i.e. disabling automatic detection of webmail containers)
For message display:
- Register message content area (jQuery-like selector)
- Setters for message headers (e.g. sender, recipient)
- Decrypt message content (
- Validate signature (pass signature as argument)
- Download and decrypt attachment from a given URL and
- a) prompt for saving file
- b) return a
FileReaderobject for inline display
- Bonus points: support for pgp/mime; implies full support for MIME message structures
For message composition:
- Setters for message recipients (or recipient text fields)
- Register message compose text area (jQuery-like selector)
- … or functions to encrypt and/or sign message contents (
- Query the existence of a public key/certificate for a given recipient address
- File selector/upload with transparent encryption
- … or an API to encrypt binary data (from a
FileReaderobject into a new
Regarding file upload for attachments to an encrypted messages, some extra challenges exist in an asynchronous client-server web application: attachment encryption requires the final recipients to be known before the (encrypted) file is uploaded to the server. If the list of recipients or encryption settings change, already uploaded attachments are void and need to be re-encrypted and uploaded again.
And presumably that’s just one example of possible pitfalls in this endeavor to add full featured PGP encryption to webmail applications. Thus, dear developers of Mailvelope, p≡p, WebPG and Google, please take the above list as a source of inspiration for your further development. We’d gladly cooperate to add the missing pieces.