[sliverstorm]

this would make "intercepts" far more difficult

Yup, Google is doubtless completely in cahoots with the NSA.

... Really? Is that what you are thinking? Apply some rational thinking here. It's simpler than that. Google advertises to you based on the contents of your email. It is not in Google's interests to prevent themselves from being able to read your email, and if they can read it so can the NSA.

[leot]

I don't understand why everyone seems to think this is an issue. It's as though the only alternative to the status quo is local host browser-level crypto.

The implementation I'm referring to doesn't preclude Gmail from reading emails it has of yours. It just means that only Gmail can read them, because only Gmail has your private key, a private key that's associated with two-factor authentication, and a private key you could optionally use elsewhere, too.

[sliverstorm]

That would work fine, if all the NSA did was sniff traffic on the backbones.

[leot]

The idea that the biggest reason to have PGP is to protect ourselves from some nefarious gov't entity is silly, though in the longer-run it can definitely help make this happen. PGP/PKI affords incredible technological advantages. If webmail providers offered it, OpenID (etc., etc.) would become quickly redundant (e.g.).