FossaGuard: Encrypt Gmail with S/MIME

Fossa Guard enables end-to-end S/MIME encryption on top of Gmail® complementing it with industry standard privacy

What is FossaGuard: Encrypt Gmail with S/MIME?

FossaGuard: Encrypt Gmail with S/MIME is a Chrome extension that provides an easy way to securely email with Gmail on Desktop and Android. The extension enables the user to encrypt and sign Gmail messages with S/MIME, a widely adopted email security standard. Fossa Guard also generates a key pair in-browser, ensuring the private key always stays with the user. It offers a free X.509 certificate, essential for S/MIME encryption, that stays valid for 3 months.

Download

Extension stats

By: https://fossa.me

View on Chrome Web Store

Users: 1,000+

Rating: 2.79 (14)

Version: 0.4.20 (Last updated: 2021-05-16)

Creation date: 2020-01-12

Risk impact: Very high risk impact

Risk likelihood: Low risk likelihood

Manifest version: 2

Permissions:

storage
identity
identity.email
https://www.googleapis.com/gmail/*
https://www.google.com/m8/feeds/contacts/*
https://fossa.me/
http://*/
https://*/
tabs
windows

Size: 2.24M

Email: fo*****@gmail.com

URLs: Website ,Privacy policy

Ranking

# 26885 ▼ 116

Other rankings

#1917 in Social Networking ▼ 7 #36 in encrypt keyword 21 ▼ 2

Other platforms

Not available on Firefox

Not available on Edge

Want to check extension ranking and stats more quickly for other Chrome extensions? Install Chrome-Stats extension to view Chrome-Stats data as you browse the Chrome Web Store.

Extension summary

Analyze keywords

Secure e-mailing with Gmail becomes easy on Desktop and Android. Encrypt and Sign your Gmail messages with industry standard - S/MIME using Chrome, Yandex or Firefox browsers.

Fossa Server and Fossa Guard web extension provide secure mailing solution on top of Gmail (TM) following S/MIME specification.

Fossa Guard generates key pair within your browser then Fossa Server securely supplies you with personal X.509 certificate upon Certificate Signing Request (CSR) so that your private key always stays with you.

Use Fossa Guard extension to sign or to encrypt your email with X.509 certificate. The certificate is free and stays valid for 3 months (beta phase limitation).

Fossa Guard has own autonomous Compose dialog to avoid unsecured email content auto-saving.

Your private key is protected by pass-phrase and is replicated alongside with trusted certificates via your protected local user storage. Use Fossa Guard to get details on certificates in your repository.

Please refer to Privacy policy at https://fossa.me/policy

User reviews

These summaries are automatically generated weekly using AI based on recent user reviews. Chrome Web Store does not verify user reviews, so some user reviews may be inaccurate, spammy, or outdated.

Pros

Well integrated into Gmail
Ability to sign emails with generated certificates
Offers support for attachments
Seamless integration
Free S/MIME implementation for Gmail

Cons

Certificates not recognized as valid by other email clients
Complex setup with issues in detecting logged in users
Short certificate lifespan and attachment size limitations
Lacks functionality for verifying received email signatures
Concerns about uploading personal certificates to a server

Most mentioned

Issues with certificate validity
Integration with Gmail
Complexity and instability of the extension
Problems with entering email addresses
Short certificate lifespan

Recent reviews

Worked before but now it cannot detect logged in user in gmail it seems, cause it says I am logged in with null

Franci Šacer, 2022-06-10

Puedes leer la valoración en español mas abajo. [ENGLISH] The good ... -You can sign the emails with the certificate that they generate and it is well integrated into Gmail. - You can include your own certificate (I haven't tried it) The bad ... - The certificate with which it is signed is not recognized as valid by mail clients (for example Thunderbird) because it is not issued by a trusted CA. Not good not bad ... - The permits that must be given are many, but at least they seem reasonable. - I don't trust uploading my own certificate to a server. The summary... - If the certificates were issued by a trusted CA I would use it, but sending emails that carry a certificate notice seems ugly to me. I can't ask my senders to include a CA on their computers because I'm going to send them emails. [ESPAÑOL] Lo bueno ... -Puedes firmar los correos con el certificado que te generan y está bien integrado en Gmail. - Puedes incluir tu propio certificado (no lo he probado) Lo malo ... - El certificado con el que se firma no es reconocido como válido por los clientes de correo (por ejemplo Thunderbird) porque no lo emite una CA de confianza. Ni bueno ni malo ... - Los permisos que hay que darle son muchos, pero al menos parecen razonables. - No me fio de subir un certificado emitido para mi email por una CA de confianza a un servidor. Debería poder dar la opción de firmar en local. El resumen... - Si los certificados estuviesen emitidos por una CA de confianza la usaría, pero enviar emails que llevan un aviso de certificado me parece feo. No puedo pedirle a mis remitentes que incluyan una CA en sus equipos porque yo les vaya a enviar emails.

Carlos C., 2021-01-19

it just doesn't work. It's just too complicated. Tried this, tried that, free version, paid - it would just never work, always something new coming up. Not mature yet.