Alfred's New Ramblings


DISA, which runs the US Department of Defense IT systems, recently started using STARTTLS by default for all mail servers. STARTTLS is an encryption standard for the email protocol.

Current email communications are in clear text. You can protect the message body with encryption: the cleartext message is encrypted and placed in the mail or sent as an attachment. The full sender and recipient addresses, however, are still in clear text, and a snooper will be able to see them.

STARTTLS enables a TLS session just after the EHLO command but before the email addresses are sent. The email addresses are sent only after the secure session is established. This means the TLS certificates used in the encryption must be registered. Self-signed certificates cannot be used.
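The ordering described above (EHLO, then STARTTLS, then the addresses) can be checked mechanically. The following is an added example, not code from the original post: it audits a client-side SMTP transcript and reports any MAIL FROM or RCPT TO sent before the server accepted STARTTLS. The "C: "/"S: " log format, the host names and both sample sessions are assumptions constructed for illustration.

```python
# Added example: audit a client-side SMTP transcript for addresses sent before TLS.
# The "C: "/"S: " line format and the sample sessions are constructed.
ENVELOPE_VERBS = ("MAIL FROM:", "RCPT TO:")

def audit_session(lines):
    """Return findings; an empty list means no address crossed the wire in clear text."""
    findings = []
    advertised = False   # server listed STARTTLS in its EHLO reply
    awaiting = False     # client sent STARTTLS, server reply not seen yet
    tls_active = False   # server accepted STARTTLS with a 220 reply
    for raw in lines:
        side, _, text = raw.partition(": ")
        upper = text.upper().strip()
        if side == "S":
            if upper[:3] == "250" and upper[4:] == "STARTTLS":
                advertised = True
            if awaiting:
                awaiting = False
                tls_active = upper.startswith("220")
                if not tls_active:
                    findings.append("STARTTLS refused: " + text)
        elif side == "C":
            if upper == "STARTTLS":
                awaiting = True
                if not advertised:
                    findings.append("STARTTLS sent without being advertised")
            elif upper.startswith(ENVELOPE_VERBS) and not tls_active:
                findings.append("cleartext envelope: " + text)
    return findings

EHLO_REPLY = ["S: 250-mail.example.test", "S: 250 SIZE 10240000"]
ENVELOPE = ["C: MAIL FROM:<alice@example.test>", "S: 250 OK",
            "C: RCPT TO:<bob@example.test>", "S: 250 OK"]
# Constructed session 1: TLS is negotiated before any address is sent.
GOOD = (["S: 220 mail.example.test ESMTP", "C: EHLO client.example.test",
         "S: 250-mail.example.test", "S: 250-STARTTLS", "S: 250 SIZE 10240000",
         "C: STARTTLS", "S: 220 Ready to start TLS", "C: EHLO client.example.test"]
        + EHLO_REPLY + ENVELOPE)
# Constructed session 2: STARTTLS is never negotiated, so the addresses go out in clear text.
BAD = ["S: 220 mail.example.test ESMTP", "C: EHLO client.example.test"] + EHLO_REPLY + ENVELOPE

if __name__ == "__main__":
    for name, session in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, audit_session(session) or "no cleartext envelope data")
```

The transcript has to come from the client's own log, since everything after the accepted STARTTLS is encrypted on the wire.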

Now the only thing to worry about is using AES.

