This website uses cookies to ensure you get the best experience on our website.
Please scroll to the bottom of page to read the notice if you are coming from the European Union...

Monday, March 21, 2016

In The Continuing Battle against Encroaching Tyranny

A group of independent security researchers and major Silicon Valley tech giants have submitted a proposal for a new email protocol called SMTP STS (Strict Transport Security).

 In theory, this new extension looks like the HSTS (HTTP Strict Transport Security) extension to HTTPS.

 Much like HSTS, SMTP STS brings message confidentiality and server authenticity to the process of starting an encrypted email communications channel. HSTS works alongside HTTPS to avoid SSL/TLS downgrades and MitM attacks. 

The biggest names on the contributors list include Microsoft, Google, Yahoo, LinkedIn, and Comcast. Last year, Oracle also submitted a similar proposal called DEEP (Deployable Enhanced Email Privacy).

No comments:

Post a Comment