Mar. 29, 2016
SP 800-177
DRAFT Trustworthy Email (Second Draft)
NIST requests comments on the second draft of Special Publication (SP)
800-177, Trustworthy Email. This draft is a complimentary guide to NIST
SP 800-45 Guidelines on Electronic Mail Security and covers protocol
security technologies to secure email transactions. This draft guide
includes recommendations for the deployment of domain-based
authentication protocols for email as well as end-to-end cryptographic
protection for email contents. Technologies recommended in support of
core Simple Mail Transfer Protocol (SMTP) and the Domain Name System
(DNS) include mechanisms for authenticating a sending domain (Sender
Policy Framework (SPF), Domain Keys Identified Mail (DKIM) and Domain
based Message Authentication, Reporting and Conformance (DMARC). Email
content security is facilitated through encryption and authentication of
message content using S/MIME and/or Transport Layer Security (TLS) with
SMTP. This guide is written for the federal agency email administrator,
information security specialists and network managers, but contains
general recommendations for all enterprise email administrators.
The public comment period April 29th, 2016.
Email comments to
SP800-177@nist.gov .