Over the past few years, the Pervasive Monitoring SIG within M3AAWG has worked to educate members and the community at large about better practices for message encryption and data privacy. Messaging abuse, such as Man-in-the-Middle attacks, continues to threaten end-users and make confidential personal and business data more accessible to cybercriminals. After the revelations made by various whistleblowers around the world, we now know that we’re being watched at an ever-increasing rate, and even if we believe we’re innocent, our privacy could be violated without just cause.
As a result, messaging providers are adopting stronger encryption mechanisms. Recently, the draft for a new mechanism, SMTP Strict Transport Security (SMTP STS), was introduced to the IETF as a way to further secure our email.
SMTP STS is a mechanism whereby a receiving site will publish a policy stating their ability to receive messages via TLS and, potentially, where to submit reports from senders with information about TLS-related delivery failures. STS relies on the CA trust model and validates the certificates presented to the sender via the same trust model that we use today with Web browsers, WebPKI. The reports, generated by the sending sites, should contain enough information to assist sites with isolating problematic systems within their ecosystem.
STS was developed as a group effort, including peers from 1&1, Comcast, Google, Microsoft, LinkedIn and Yahoo. All of these companies are active in M3AAWG and much of the collaborative work and discussion that went into the draft took place at M3AAWG meetings. The SMTP STS mechanism development also was part of the Pervasive Monitoring SIG work between meetings.
An alternate proposal with similar goals, DANE has been facing slow adoption as providers face various technical challenges relating to DNSSEC deployment. Deciding that they wanted to find an alternative that does not depend on DNSSEC, the group created STS and submitted it to the IETF for consideration. DNSSEC and DANE will also remain a goal for many once these organizations overcome their current challenges. While organizations may adopt both STS and DANE when they have these capabilities, STS aims to provide both a long-term complement to DANE and a short-term substitute in cases where DNSSEC deployment is difficult. This is a good example of the community coming together to solve a technical problem that benefits users around the world and hopefully this endeavor leads to future collaborative work.
By Alexander Brotman and Janet Jones, M3AAWG Pervasive Monitoring Chairs