Encourage or enforce protocol layer encryption and Forward Secrecy whenever possible
Encourage or enforce protocol layer encryption and Forward Secrecy whenever possible
How We strongly encourage the use of protocol level encryption whenever possible. Some of the ways we accomplish this are Secure Socket Layers (SSL), and Transport Layer Security. We also strongly encourage the use of cryptographic algorithms which are capable of Forward Secrecy
Some examples include:
Only allowing SSL-encrypted HTTPS connections on our web sites
Offering Forward Secrecy enabled cryptography algorithms on our web sites
Only allowing SSL-encrypted XMPP / Jabber connections to our public messaging server
Offering Forward Secrecy enabled cryptography algorithms on our public messaging server
Only allowing SSL-encrypted IMAP for email reading
Offering SSL-encryption via StartTLS on our public SMTP mail server
Offering SSL encryption on our public OpenPGP key server
Why Strong encryption and authentication of data serves several purposes. It is a countermeasure against interception. It also tries to authenticate the data - to provide assurance that data really originates from who you think it does.
Caveats Authoritative sources have pointed out flaws in the system of certificate authorities that underpins the trust network. We recognize these short comings and also hope for technical solutions to overcome the weaknesses that have been identified. However in the mean time there aren't a lot of alternatives.