Microsoft, Google, Yahoo, Comcast working on better email encryption

Quite a few big companies and private researchers have proposed a protocol to make email a little more secure than it already is, which isn't at all.

| Mar 21, 2016 at 5:03 pm CDT

Encryption is a very pertinent issue in the modern age. We're at an impasse where certain individuals and groups would rather encryption be the stuff of history, perhaps even segregating encryption strengths like was common during the 80's and 90's. Email encryption isn't exactly the easiest thing to setup and requires a bit of preparation to do right. It can be cumbersome even to those that know what they're doing. A group of tech companies and independent researchers have gotten together to help make encryption of your emails easier, and much more seamless.

Microsoft, Google, Yahoo, Comcast working on better email encryption | TweakTown.com

The new protocol that has been proposed is called SMTP STS, or Simple Mail Transfer Protocol Strict Transport Security, and is designed to ensure a secure, encrypted connection with email servers. It's not a method of encrypting your emails themselves, which would be best served by any free, or paid, PGP solution, but it adds a measure of security to email that helps to make sure that you're messages are at leat going through real, authentic mail servers to get to their destination.

What it does is talk those email servers that it's traveling through to determine whether or not the connection is secure and that it's who they say they are. If the server can be authenticated (through the use of certificates and a TLS encryption-based connection), then your message will pass along, knowing that at least that server is legit. If no encryption can be used, then there's the option that the message won't be sent.

It doesn't sound like much at first, but it'll help prevent some man-in-the-middle attacks from stealing your email, and each hop should theoretically be sent with TLS encryption. Combined with a good PGP plugin, a provider that encrypts your data at rest and MFA, and you've got a very secure communication system. This is only a draft at the moment, but if it gets ratified, then email will be that much more secure.

Last updated: Jun 16, 2020 at 04:29 pm CDT

NEWS SOURCE:tools.ietf.org

ABOUT THE AUTHOR -

Jeff grew up in the Pacific Northwest where he fell in love with gaming and building his own PC’s. He's a huge fan of any genre of gaming from RTS to FPS, but especially favors space-sims. Now he's stepped into the adult world by becoming a professional student looking to break into the IT Security world. When he’s not deep in his studies, he’s deep in a new game, revisiting an old game, or testing the extreme limits of his own PC. He's now a news contributor for TweakTown, looking to bring a unique view on technology and gaming.

Related Tags