Fossa Guard Web extension
Effective date: 07 February, 2019
Fossa Team has designed the solution with the only main goal to supply Gmail users with privacy via
industry-grade email encryption (S/MIME) integrated into the web browser.
about how Fossa Team will collect, use, share or otherwise process any personal data or usage
Fossa Guard web extension
Fossa Guard web extension operates fully locally and keeps user data within the local computer only.
Under user data, we mean email body in plain text, files attachments, private key, certificates, list of Google contacts.
Please note that:
- the private key is stored inside the passphrased pkcs#12 archive and Fossa Guard requests User for the
passphrase to access the private key to decrypt emails.
- user emails are stored at Gmail in S/MIME format and appear in Gmail UI like emails with smime.p7m
Fossa Guard requests Gmail API about properties of new incoming emails and if email's content-type corresponds to
it by S/MIME label i.e. modifies it. Please note that this is the only case when Fossa Guard "modifies" your emails
according to Google's permissions classification.
Fossa Guard creates S/MIME label if it doesn't exist in in User Gmail settings.
Fossa Guard web extension extends Gmail UI with the following functionality:
- Compose S/MIME - opens a dedicated window for the user to type email body and to add attachments. When user
types a email address Fossa Guard requests a list of Google contacts to help User to select the addressee
from the list.
- Send S/MIME - upon clicking Send button Fossa Guard:
- encrypts or/and signs an email's body (including attachments),
- forms S/MIME email
- sends it using raw format API
- marks it by S/MIME label
- View S/MIME - for S/MIME emails Fossa Guard displays the "View Content" link to:
- take email raw content with smime.p7m attachment
- decrypt it if encrypted after requesting user the access to private key
- display decrypted email body and attachments
- check if the signature is valid if the email was signed
The above functionality requires the following permissions (as per Google classfication) for Fossa Guard web extension:
- View your email messages
- Search your email messages
- View your settings (e.g., filters and labels)
- Send email that appears to have been sent by you
- View and manage mailbox labels (but not add or remove labels on email messages)
- View and modify your mail in Gmail
- May move mail to Spam/Trash but not instantly delete forever (Fossa Guard never does it)
- Create, update and delete labels
- Compose and send new email
- See and make a copy of your Google contacts
Fossa extension users are authenticated using Google OpenID. Fossa team doesn’t
transmit user identity using it exclusively to call Google services:
- Contacts to display a list of recipients
- Gmail to send and read emails
Should you have any questions or clarifications do not hesitate to contact firstname.lastname@example.org
Firefox extension link: FossaGuard for Firefox
How to use on Android
How to FossaGuard for Firefox on Andorid
How to FossaGuard for Yandex on Andorid