Comcast to encrypt e-mail traffic with Gmail within weeks
Responding to reports that it fails to encrypt the majority of its email traffic, Comcast said that it will ramp up domain-to-domain encryption efforts over the next few weeks.
In an attempt to raise awareness about the benefits of securing email in transit, Google has released data showing how much of the email traffic to and from Gmail is encrypted. Securing email in transit requires both the sending and the receiving servers to support encryption.
Users can secure their webmail connections from snooping by using HTTPS when available, but have no control over how their emails are sent out to the intended recipients by their email providers. According to Google’s data, between 40 and 50% of email messages sent by other servers to Gmail addresses in May travelled in plain text because those servers didn’t support encryption.
The need to secure email in transit became a hot topic after documents leaked by former US National Security Agency contractor Edward Snowden showed that intelligence agencies intercept and collect electronic communications, including email messages, as they travel through the global Internet infrastructure.
Google’s data showed that less than 1% of emails exchanged between Gmail and Comcast in May were encrypted.
Comcast is currently beta testing Transport Layer Security (TLS) encryption for domain-to-domain email messaging and has enabled it for its email traffic with certain websites and some smaller ISPs, said Charlie Douglas, a spokesman for Comcast, via email. “Since Gmail is a large domain, we plan to gradually ramp up encryption with Gmail in the coming weeks. We’ll also implement it with others.”
According to Douglas, a Comcast engineer will be on a panel at the Messaging Anti Abuse Working Group (MAAWG) next week to discuss how to drive adoption of domain-to-domain email encryption.
Facebook also ran a test in May and found that almost 60% of the billions of notification emails it sends every day are encrypted in transit. The company encouraged more email providers to deploy an encryption technology called STARTTLS.
Lucian Constantin, IDG News Service