The IT Law Wiki

NIST Special Publication 800-177

Citation

National Institute of Standards and Technology, (Draft) Trustworthy Email (NIST Special Publication 800-177) (Sept. 25, 2015) (full-text).

Overview

This draft guide includes recommendations for the deployment of domain-based authentication protocols for email as well as end-to-end cryptographic protection for email contents. Technologies recommended in support of core Simple Mail Transfer Protocol (SMTP) and the Domain Name System (DNS) include mechanisms for authenticating a sending domain: Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM) and Domain-based Message Authentication, Reporting and Conformance (DMARC). Email content security is facilitated through encryption and authentication of message content using S/MIME and/or Transport Layer Security (TLS) with SMTP.

Following a description of the general email infrastructure and a threat analysis, these guidelines cluster into techniques for authenticating a sending domain, techniques for assuring email transmission security and those for assuring email content security. The bulk of the security enhancements to email rely on records and keys stored in the Domain Name System (DNS) by one party, and extracted from there by the other party. Increased reliance on the DNS is permissible because of the security enhancements there, in particular the development and widespread deployment of the DNS Security Extensions (DNSSEC) to provide authentication and integrity protection of DNS data.

This guide is written for enterprise email administrators, information security specialists and network managers.
