A few days ago Google announced plans to offer enhanced encryption in Chrome and to help justify the move they also came out with a report listing major ISPs who do and don’t use even the most rudimentary security. Google’s data concluded that Comcast was one of the worst offenders and encrypted less than 1% of the emails exchanged with Gmail.
Today Charlie Douglas, a spokesman for Comcast said that Comcast is currently beta testing TLS (Transport Layer Security) encryption for domain-to-domain email messaging and has enabled it for its email traffic with certain websites and some smaller ISPs. He also added, “Since Gmail is a large domain, we plan to gradually ramp up encryption with Gmail in the coming weeks. We’ll also implement it with others.”
According to Douglas, a Comcast engineer will be on a panel at the Messaging Anti Abuse Working Group (MAAWG) next week to discuss how to drive adoption of domain-to-domain email encryption.
TLS is an Internet Engineering Task Force (IETF) standards track protocol, first defined in 1999, updated in 2008 and again in 2011.
So Comcast is just getting around to beta testing TLS a scant 15 years after the protocol was introduced. Way to keep current on things Comcast.
And now that Google has pointed out that Comcast has shown no interest whatsoever in protecting its customer’s privacy they suddenly announce they are working on it. (Couldn’t have anything to do with Comcast’s upcoming bid to buy Time Warner could it?)
And how did they suddenly become experts on domain-to-domain email encryption? If they really knew what they were doing then why didn’t they implement something earlier?
I suspect they just couldn’t figure out how to charge customers for encryption without letting everyone know that their traffic wasn’t secure.
“You can get our basic, insecure service for $49.95 a month, or you can spend an additional $19.95 and get our platinum service that includes encryption”