Engineers from companies including Google and Microsoft submitted a proposal to the Internet Engineering Task Force on Friday designed to improve the security of STARTTLS – an extension to the Simple Mail Transfer Protocol (SMTP) designed to establish secure SMTP sessions over TLS.
STARTTLS was invented a few years ago as a way to “take an insecure connection and upgrade it to a secure connection using TLS,” according to FastMail.
The proposal notes that in its current form, STARTTLS has some issues: it fails to provide message confidentiality, “because opportunistic STARTTLS is subject to downgrade attacks,” and server authenticity, “because the trust from email domain to the MTA (Mail Transfer Agent) server identity is not cryptographically validated.”
In October, a report found that despite the increasing use of STARTTLS, “widespread corruption” prevents it from working as intended. For example, STARTTLS is designed to fail open rather than fail closed, which means that when certain errors happen, servers send the email in an unencrypted form rather than failing to send the message at all, Ars Technica reports.
According to a report by ZDNet, one of the measures in the proposal is the ability to stop delivering a message if it can’t be delivered securely. This is possible through SMTP STS policy records, which allow a sending service to check a recipient’s policy prior to sending an email.
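
The difference between failing open and failing closed can be seen in the sending server's delivery decision. The sketch below is an added example, not code from the proposal or from any of the reports cited: `RecipientPolicy` and its `require_tls` field are hypothetical stand-ins for the policy record, and the server replies are constructed samples.

```python
# Added example: sender-side delivery decision, opportunistic vs. policy-enforced.
# RecipientPolicy is a hypothetical stand-in for the proposal's policy record;
# the EHLO replies below are constructed samples, not captured traffic.
from dataclasses import dataclass
from typing import Optional

@dataclass
class RecipientPolicy:
    require_tls: bool  # assumption: recipient asks senders to refuse plaintext

def ehlo_extensions(reply: str) -> set:
    """Extract extension keywords from a multi-line SMTP EHLO reply."""
    keywords = set()
    for line in reply.strip().splitlines()[1:]:  # first line is the greeting
        parts = line[4:].split()
        if line[:3] == "250" and parts:
            keywords.add(parts[0].upper())
    return keywords

def decide(ehlo_reply: str, starttls_reply: str,
           policy: Optional[RecipientPolicy]) -> str:
    """Return 'encrypt', 'plaintext' (fail open) or 'defer' (fail closed)."""
    offered = "STARTTLS" in ehlo_extensions(ehlo_reply)
    # 220 is the server's "ready to start TLS" answer to the STARTTLS command
    if offered and starttls_reply.startswith("220"):
        return "encrypt"
    if policy is not None and policy.require_tls:
        return "defer"      # keep the message queued rather than expose it
    return "plaintext"      # opportunistic behaviour: silent downgrade

EHLO_NORMAL = ("250-mx.example.net\r\n250-SIZE 35882577\r\n"
               "250-STARTTLS\r\n250 8BITMIME")
# Same reply with the STARTTLS capability missing, as a sender would see it
# after a downgrade (constructed sample)
EHLO_STRIPPED = "250-mx.example.net\r\n250-SIZE 35882577\r\n250 8BITMIME"

def demo() -> list:
    strict = RecipientPolicy(require_tls=True)
    return [
        decide(EHLO_NORMAL, "220 Ready to start TLS", None),    # normal case
        decide(EHLO_STRIPPED, "", None),                        # fails open
        decide(EHLO_STRIPPED, "", strict),                      # fails closed
        decide(EHLO_NORMAL, "454 TLS not available", strict),   # TLS error
    ]

if __name__ == "__main__":
    print(demo())
```

Without a policy, the missing capability line results in plaintext delivery with no error surfaced to anyone; with the policy in place, the same condition leaves the message queued.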