He said that you would ONLY need your password (just like you need it now), and you would DOWNLOAD you private key from GMail (or rather the encrypted version of you private key, and the client would decrypt it using your password as a key), so you wouldn’t need anything else with you.

I agree with you in the second part (the part about advertising and searching), however, I consider Aaron’s idea great in case of non-public webmail.

Tom

Take for example Keygloo. While this is a new product and yet to gain popularity, it is in general used by normal people to encrypt emails be it from email clients or web mails like Gmail, Yahoo, Hotmail and others. Keygloo simply associates the public key with a 10 digit number called the ëKeygloo Numberí which is all that is needed to exchange keys. Thus the key exchange can happen by word of mouth, business cards, or simply a phone call. The emails get encrypted end-to-end in the truest sense since the email is encrypted from the moment it is composed through the rest of its lifetime( both in transmission and storage).

This model offers more flexibility in the sense that once the product is installed and a key pair generated (or a Keygloo number obtained), the same number can be used for encryption in multiple mail systems. This reduces the complexity involved in PKI deployed in the core and also brings to zero any intrusion arising from untrustworthy administrators.