Beveiligd e-mailtransport (STARTTLS en DANE)

Waarom

• "Opportunistic Security: Some Protection Most of the Time" door V. Dukhovni
• "New e-mail security protocols mandatory within government" door Marco Davids (SIDN)
• "The sad state of SMTP encryption" door Filippo Valsorda

Gebruiksstatistieken

• DANE trend graphs
• DANE statistics
• .nl-statistieken over DANE door SIDN Labs
• Google's statistics on STARTTLS

Achtergrondinformatie

• How-to on 'DANE for SMTP' door Platform Internetstandaarden
• Wiki on 'DANE for SMTP'
• FAQ over standaarden voor e-mailbeveiliging door SIDN
• Factsheet "Beveilig verbindingen van mailservers" door NCSC-NL
• "ICT-beveiligingsrichtlijnen voor Transport Layer Security (TLS), versie 2.1" door NCSC-NL

Specificaties

• RFC 3207: SMTP Service Extension for Secure SMTP over Transport Layer Security
• RFC 7672: SMTP Security via Opportunistic DNS-Based Authentication of Named Entities (DANE) Transport Layer Security (TLS)
• RFC 7671: The DNS-Based Authentication of Named Entities (DANE) Protocol: Updates and Operational Guidance