2020 was not an easy year for business communications when most conversations switched online causing growing email volumes and rising breach risk due to stressed employees' mistakes.
Fossa Team, realizing the importance of safe and secure email exchange for doing business in social isolation conditions continuously improved the S/MIME extension for Gmail and finally officially released V1.0 of Pro edition.
The list of features and improvements:
- Hidden subject via rfc822 wrapping supported by Outlook and Thunderbird
- Ability to switch existing email thread into S/MIME via the dedicated toolbar
- S/MIME signed only support avoiding MIME parts repacking by Gmail servers
- User certificates availability and validity details with in-place certificate import from a file or Fossa registry
- Option to auto-index S/MIME messages while User decrypt and read them
- Usability improvements including the ability to minimize Compose / View window
Below you can find detailed explanations with screenshots.
We are sure that the 2021 year continues requesting more security and safety for email conversations so we will eager to improve Fossa solution availability and usability focusing on our customers' primary needs.
An ability while composing S/MIME message to hide the Subject and Recipient's name (leaving only email address) by wrapping the original message using content-type message/rfc822 and encrypting it leaving Google the bare minimum of metadata.
Note that Outlook and Thunderbird support this ability right from the box. So Fossa team is again using only industry proved solutions keeping compatibility.
Ability to switch existing email thread into S/MIME|
Each email is now supplied with a Fossa bar containing buttons for Reply All, Reply, Forward options in S/MIME format which makes a copy of the email into the Fossa Compose window making it possible to switch conversation into S/MIME signed and encrypted format.
Note that for S/MIME messages the bar contains buttons:
- Decrypt - to view the original message of S/MIME encrypted
- View Original Message - to view S/MIME signed with signature details
S/MIME signed support
It has been for a while we thought about how to avoid Google mail servers mangling S/MIME signed only emails because after the repacking of MIME entities and restricting access to S/MIME signature any validation becomes useless.
We noticed the difference in how Google mail servers change S/MIME signed only emails and decided to implement a different approach for emails to *@gmail.com and other addresses.
For internal Gmail addresses, we use multipart/mixed content type with the original S/MIME signed message as an attachment, so that Fossa Guard extensions was able to parse it validate the signature of the original message.
More details can be found here: https://fossaguard.blogspot.com/2020/06/fossa-guard-pro-10-smime-signed-support.html
User certificates details
When composing a S/MIME message in addition to color indication for an email address it's helpful to know what User you're addressing and what certificates (and their validity) are available for him.
This information is now available in the popup available by the click on the email address pillow.
Note that it's possible in-place to:
- Upload a new certificate from a file or
- Add a corresponding one from the Fossa certificates registry
In addition to search in S/MIME encrypted emails via local index, we introduced an option to auto-index S/MIME emails while reading improving usability.
User Interface improvements
- Roboto font has become a default font to be aligned with Gmail appearance.
- Compose window now can be minimized not blocking access to Gmail.
- The local search index is represented by a bar demonstrating how many does it takes in available memory.
Here is the Fossa Guard Pro V1.0 playlist with videos demonstrating the above functionality: