From InfoWorld: Engineers from some of the world's largest email service providers have banded together to improve the security of email traffic traversing the Internet.
Devised by engineers from Google, Microsoft, Yahoo, Comcast, LinkedIn and 1&1 Mail & Media Development & Technology, the SMTP Strict Transport Security is a new mechanism that allows email providers to define policies and rules for establishing encrypted email communications.
The new mechanism is defined in a draft that was published late last week for consideration as an Internet Engineering Task Force (IETF) standard.
The Simple Mail Transfer Protocol (SMTP), which is used to transfer email messages between email clients and servers, as well as from one provider to another, dates back to 1982 and was not built with any encryption option.
For this reason, in 2002, an extension called STARTTLS was added to the protocol as a way to include TLS (Transport Layer Security) with SMTP connections. Unfortunately, over the following decade, the extension was not widely adopted, and email traffic exchanged between servers remained largely unencrypted.
View: Article @ Source Site
