Internet Research Group Proposes Better Email Standard

Mar 22, 2016

Improvements to SMTP will provide better guarantee of confidentiality

A group of researchers at some of the leading Internet companies have released the draft of a new mechanism for mail service providers to declare their ability to receive TLS-based secure email connections. The new feature fixes a flaw in the SMTP STS extension, which was supposed to be an update for mail security but failed to guarantee confidentiality or proof of server authenticity.

The new document proposes a means for the receiving server to declare its TLS support in advance, thus eliminating the negotiation phase, which makes the protocol vulnerable to various attack techniques. See the article in the Register for additional information.

Related content

  • Groklaw Closes

    Award-winning FOSS legal site shuts down on fears of government surveillance.

    more »
  • News

    Updates on Technologies, Trends, and Tools

    more »
  • Blocking Spam Intro

    Spammers charge real money for their dubious services, and hundreds of advertisers are willing to pay. We’ll show you some innovative techniques for controlling and containing spam, including strategies for slowing down spam bots, keeping spammers from getting your address, and separating spam from legitimate email.

    more »
  • The Mask: Scary New Face of Internet Intrusion

    Ultra-sophisticated attack tool might have originated from a state-sponsored intelligence service.

    more »
  • Inventor of Email Dies

    Pioneer Ray Tomlinson bequeathed the @ sign to billions of Internet users

    more »
comments powered by Disqus

Issue 234/2020

Buy this issue as a PDF

Digital Issue: Price $12.99
(incl. VAT)

News

Tag Cloud

Administration Community Desktop Events Hardware Linux Linux Pro Magazine Mobile Programming Software Ubuntu Web Development Windows free software open source