@Gargron I was told protonmail has been doing this since forever.. idk .. if maintaining an E-Mail, Calendar and whatnot server with proper spam-filtering was that easy, I would switch in a blink of an eye, but GMail for Business just works so damn reliably and the whole suite is so good :(
It feels like google had an opportunity here to push better webmail encryption standards and ease-of-use for something like PGP, and instead fell right on their face and did email encryption how Microsoft does. I'd like to see a blog post on their reasoning in this case, if one's been posted.
Now, both Micro$oft and G👀gle use cases for this type of email protection do work in corporate and business environments, but is very much in their own interested when it comes to home users.
@crazypedia @Gargron They have an "end-to-end team," or at least they did. The dates on these commits should tell you how...committed...Google is to end-to-end encryption in Gmail. (Spoiler alert: they're not.)
@Gargron I can understand Google sending links in their eMails like ProtonMail does, but requiring a login? No way.
Afterall eMail does require extension, not for self-destructing eMails (that security is akin to DRM and can't properly make it's way into standards) but for real security. But then again, the links should be a fallback implementation and not the main one.
@Gargron We've been using protonmail for a while, mainly because they made, in our opinion, a sensible choice to allow IMAP on the understanding that this desecures end-to-end, but allows business decisions on level of risk, rather than enforcing their client usage.
Tutanota haven't caught up here yet.
For password and certificate exchange type of thing, we drop out to Signal, which we install for each server/user, so each server/user has their own phone number.
It's setup-intensive, in our current form difficult to scale, but for personal and smaller SMB usage quite workable.
There are obvious compliance issues with archiving, still working on this.