New proposal to IETF aims to see email become more secure

A new proposal has been submitted to the the Internet Engineering Task Force, a major internet standards organisation. The proposal, which had input from engineers working at Google, Yahoo, Comcast, Microsoft, LinkedIn, and 1&1 Mail & Media Development, will ensure emails are encrypted before they're sent. If the destination doesn't support encryption or their certificate is invalid, the email won't be sent and users will be told why.

Most emails that are sent today are sent in plain text using SMTP. This offers no protection against man-in-the-middle (MITM) attacks, meaning a hacker could easily read your messages. SMTP STARTTLS tried to address the need for encryption but is not widely used and has numerous flaws. In addition, users get no warning when an email they're sending falls back to using plain text.

In the last few years, due to political events, the spotlight has been shone on how insecure our digital communications really are. Email has been a particularly troublesome medium to encrypt. Many people are invested in an email provider's ecosystem such as GMail and don't want to switch to a more secure provider like ProtonMail which provides encryption when sending emails to other ProtonMail users. Other tools such as PGP have a fairly high barrier of use for people new to the technology, making it an inconvenient option for most users.

The submission to the IETF is still in its early stages and will probably take a while before it's implemented in third party email clients regularly used on desktop and mobile devices. It is likely that the proposal will get implemented due to the support it has from the big tech firms.

Source: IETF via The Next Web | Image of a key via Shutterstock

Report a problem with article
Next Article

GLOBAL GIVEAWAY: Win a Microsoft Lumia 650 + 128GB SanDisk microSDXC card! [Update: WINNER!]

Previous Article

Samsung Galaxy S7 vs Microsoft Lumia 950 camera comparison: the best of the best

Join the conversation!

Login or Sign Up to read and post a comment.

11 Comments - Add comment