Possibly most are familiar with the new GMAIL Transport Layer Security (TLS) but after a very quick searches at FF nothing was returned about this subject.
The below could be useful as investigator background knowledge or maybe student research.
GMAIL unveiled its new email encryption defined for the user as a RED closed or open PADLOCK on Safer Internet Day.
Research Links
https://
https://
https://
http//
Basically, where a Gmail user receives an email sent from a sender that hasn't encrypted the message using Transport Layer Security (TLS) encryption, Gmail will display an open red padlock icon near to the sender and receivers address. Using the drop arrow icon next to "to me" reveals more about the sent message. Using the drop arrow icon next to the message sent date enables investigators to activate "Show Original" message. The latter is not new but it being referred to just for completeness.
In addition, where a Gmail user receives a message that cannot be authenticated with either SPF (Sender Policy Framework) or DKIM (Domain Keys Identified Mail), should the sender’s profile have a photo or avatar either will be replaced with a red question mark. Clicking on the icons will give the user more information about the authentication associated with the received email.
RFC 5246 ( https://
However, the TLS standard does not specify how protocols add security with TLS. Instead, the decisions on how to initiate TLS handshaking and how to interpret the authentication certificates exchanged has been left to the judgment of those who design and implement protocols that run on top of TLS.
Very useful explained, thank you! Its may worth considering in TLS 1.2 to prefer SHA256 signatures over SHA1, as SHA1 soon will be broken (few months)