FossaGuard: Encrypt Gmail with S/MIME

Fossa Guard enables end-to-end S/MIME encryption on top of Gmail® complementing it with industry standard privacy

What is FossaGuard: Encrypt Gmail with S/MIME?

FossaGuard: Encrypt Gmail with S/MIME is a Chrome extension that provides an easy way to securely email with Gmail on Desktop and Android. The extension enables the user to encrypt and sign Gmail messages with S/MIME, a widely adopted email security standard. Fossa Guard also generates a key pair in-browser, ensuring the private key always stays with the user. It offers a free X.509 certificate, essential for S/MIME encryption, that stays valid for 3 months.

Download

Stats

By: https://fossa.me

View on Chrome Web Store

Users: 1,000+

Rating: 2.87 (15)

Version: 0.4.20 (Last updated: 2021-05-16)

Creation date: 2020-01-12

Risk impact: Very high risk impact

Risk likelihood: Low risk likelihood

Manifest version: 2

Permissions:

storage
identity
identity.email
https://www.googleapis.com/gmail/*
https://www.google.com/m8/feeds/contacts/*
https://fossa.me/
http://*/
https://*/
tabs
windows

Size: 2.24M

Email: fo*****@gmail.com

URLs: Website ,Privacy policy

Stats date:

Chrome-Stats Rank

# 25322 ▼ 198

Other rankings

#1842 in Social Networking ▲ 5 #35 in encrypt keyword 19

Other platforms

Not available on Firefox

Not available on Edge

Want to check extension ranking and stats more quickly for other Chrome extensions? Install Chrome-Stats extension to view Chrome-Stats data as you browse the Chrome Web Store.

Summary

Analyze keywords

Secure e-mailing with Gmail becomes easy on Desktop and Android. Encrypt and Sign your Gmail messages with industry standard - S/MIME using Chrome, Yandex or Firefox browsers.

Fossa Server and Fossa Guard web extension provide secure mailing solution on top of Gmail (TM) following S/MIME specification.

Fossa Guard generates key pair within your browser then Fossa Server securely supplies you with personal X.509 certificate upon Certificate Signing Request (CSR) so that your private key always stays with you.

Use Fossa Guard extension to sign or to encrypt your email with X.509 certificate. The certificate is free and stays valid for 3 months (beta phase limitation).

Fossa Guard has own autonomous Compose dialog to avoid unsecured email content auto-saving.

Your private key is protected by pass-phrase and is replicated alongside with trusted certificates via your protected local user storage. Use Fossa Guard to get details on certificates in your repository.

Please refer to Privacy policy at https://fossa.me/policy

User reviews

User reviews summary

These summaries are automatically generated weekly using AI based on recent user reviews. Chrome Web Store does not verify user reviews, so some user reviews may be inaccurate, spammy, or outdated.

Pros

Ability to sign emails with generated certificates
Well-integrated into Gmail
Users can include their own certificate
Notably seamless integration
Has attachments support

Cons

Does not work always
Difficult to use and setup
Certificates are not recognized by mail clients (e.g., Thunderbird) because they are not issued by trusted CA
Many permissions required
Issues with entering email addresses by hand
Certificates are only valid for three months and maximum attachment size is 100KB
Window closes if the passphrase is wrong even once

Most mentioned

Issues with logging in
Complications with usage and setup
Non-acceptance of certificates by trusted CA
Using own certificates
Attachment support

Recent reviews

Worked before but now it cannot detect logged in user in gmail it seems, cause it says I am logged in with null

Franci Šacer, 2022-06-10

Puedes leer la valoración en español mas abajo. [ENGLISH] The good ... -You can sign the emails with the certificate that they generate and it is well integrated into Gmail. - You can include your own certificate (I haven't tried it) The bad ... - The certificate with which it is signed is not recognized as valid by mail clients (for example Thunderbird) because it is not issued by a trusted CA. Not good not bad ... - The permits that must be given are many, but at least they seem reasonable. - I don't trust uploading my own certificate to a server. The summary... - If the certificates were issued by a trusted CA I would use it, but sending emails that carry a certificate notice seems ugly to me. I can't ask my senders to include a CA on their computers because I'm going to send them emails. [ESPAÑOL] Lo bueno ... -Puedes firmar los correos con el certificado que te generan y está bien integrado en Gmail. - Puedes incluir tu propio certificado (no lo he probado) Lo malo ... - El certificado con el que se firma no es reconocido como válido por los clientes de correo (por ejemplo Thunderbird) porque no lo emite una CA de confianza. Ni bueno ni malo ... - Los permisos que hay que darle son muchos, pero al menos parecen razonables. - No me fio de subir un certificado emitido para mi email por una CA de confianza a un servidor. Debería poder dar la opción de firmar en local. El resumen... - Si los certificados estuviesen emitidos por una CA de confianza la usaría, pero enviar emails que llevan un aviso de certificado me parece feo. No puedo pedirle a mis remitentes que incluyan una CA en sus equipos porque yo les vaya a enviar emails.

Carlos C., 2021-01-19

it just doesn't work. It's just too complicated. Tried this, tried that, free version, paid - it would just never work, always something new coming up. Not mature yet.

Nathan Kaiser, 2018-07-28

View all user reviews

Safety

Risk impact

FossaGuard: Encrypt Gmail with S/MIME is very risky to use and it requires a lot of sensitive permissions. Avoid installing this extension unless you absolutely trust this publisher.