U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

NIST SP 800-177 Rev. 1 (Initial Public Draft)

Trustworthy Email

Date Published: September 2017
Comments Due: October 13, 2017 (public comment period is CLOSED)
Email Questions to: sp800-177@nist.gov

Author(s)

Scott Rose (NIST), Stephen Nightingale (NIST), Simson Garfinkel (U.S. Census Bureau), Ramaswamy Chandramouli (NIST)

Announcement

Trustworthy Email covers and gives recommendations for state of the art email security technologies to detect and prevent phishing and other malicious email messages. The guide was written for email administrators and for those developing security policies for an enterprise email infrastructure.

This revision was produced to include a new appendix with a FISMA overlay.  This overlay is for administrators of email systems that fall under FISMA and includes references to relevant guidance on specific FISMA controls and how they apply to various email system components.

Abstract

Keywords

Email; Simple Mail Transfer Protocol (SMTP); Transport Layer Security (TLS); Sender Policy Framework (SPF); Domain Keys Identified Mail (DKIM); Domain based Message Authentication, Reporting and Conformance (DMARC); Domain Name System (DNS) Authentication of Named Entities (DANE); S/MIME
Control Families

None selected

Documentation

Publication:
Draft SP 800-177 Rev. 1 (pdf)

Supplemental Material:
Comment template (xlsx)

Related NIST Publications:
SP 800-45 Version 2

Document History:
09/13/17: SP 800-177 Rev. 1 (Draft)
12/15/17: SP 800-177 Rev. 1 (Draft)
02/26/19: SP 800-177 Rev. 1 (Final)

Topics

Security and Privacy

general security & privacy

Applications

communications & wireless