NIST has announced the publication of Special Publication (SP) 800-177 Rev. 1, Trustworthy Email, which describes guidelines for enhancing trust in email and recommendations for the support of core SMTP and Domain Name Systems (DNS) through the use of authentication mechanisms. The document includes newly specified email protocol additions, such as Mail Transfer Agent Strict Transport Security (MTA-STS) and Transport Layer Security (TLS) Reporting, as well as an email system FISMA overly developed to aid systems administrators in deploying email services that address relevant FISMA controls. It is intended to be a guide for enterprise email administrators, information security specialists, and network managers.
Publication details:
https://csrc.nist.gov/publications/detail/sp/800-177/rev-1/final
CSRC update:
https://csrc.nist.gov/news/2019/trustworthy-email-nist-publishes-sp-800-177-rev-1