Amidst the ongoing Apple-FBI controversy, some of the biggest tech companies have joined forces to deliver a new email mechanism called SMTP STS that is aimed at making user information more secure.
Google, Microsoft, Yahoo, Comcast and LinkedIn have together submitted a proposal to the Internet Engineering Task Force for SMTP (Simple Mail Transfer Protocol) STS (Strict Transport Security). The system checks if the domain a user is sending an email to supports SMTP STS or not, and also checks if the encryption certificate is authentic and up to date. If for some reason the mechanism detect any problem, it would not let the email pass through and will let the sender know the reason.
“SMTP STS is a mechanism enabling mail service providers to declare their ability to receive TLS-secured connections, to declare particular methods for certificate validation, and to request sending SMTP servers to report upon and/or refuse to deliver messages that cannot be delivered securely,” saidthe proposal.
Email has long been one of the primary sources of digital communication, but with the rise of instant messaging apps, workplace collaboration apps, and social networks, it is slowly losing its dominance. It is always good to see companies like Google and other working on encrypting emails to make the personal more secure. Google itself uses the encryption method for its Gmail email service. Last month it tightened the security for its Gmail service by flagging those email providers that don’t support Transport Layer Security (TLS) encryption, which is aimed at ensuring a connection is secure before exchanging data between server ad client. Emails sent using such mail services will be flagged with a red broken lock icon on the top-right corner of the mail.
In addition, Gmail will flag emails received from contacts whose identity cannot be verified. The service will alert the receiver about the emails coming from unauthenticated sources by showing a question mark in place of the contact’s profile photo.