SSL - Secure Sockets Layer protocol & email security
Supported email software
You can enable SSL with most, but not all, of the ITS-supported IMAP and POP email clients. Some older versions of Eudora do not support SSL. See the configuration instructions, look at the pared-down settings for using authenticated email, or contact the Help Desk (203-432-9000 or email helpdesk@yale.edu).
If your email is being sent or routed through a mail server that is NOT SSL-enabled, you can NOT be assured of secure communications.
Detailed SSL information
Secure Sockets Layer (SSL) is a protocol developed by Netscape and approved as a standard by the Internet Engineering Task Force (IETF) for transmitting private documents via the Internet. Non-secure data can be compromised on its journey between mail servers (e.g., omega.med.yale.edu) and your local computer's mail client (e.g., Netscape Messenger). It can be copied or altered at routing points, or intercepted by an unfriendly server pretending to be the legitimate recipient of the message. SSL encrypts data that is sent between your computer and other SSL servers on the Internet.
You may see the terms SSL and TLS (Transport Layer Security) used interchangeably. TLS supersedes and is an extension of SSL. SSL encrypts messages and attachments, but ONLY in transport. They are encrypted as they travel from your personal computer to an SSL mail server, and from that SSL mail server to another SSL recipient, but the message and/or attachment is not encrypted as it sits on the mail server, nor is it encrypted after it arrives at the desktop. SSL differs from protocols like S/MIME (Secure/Multipurpose Internet Mail Extensions) and PGP (Pretty Good Privacy). Those protocols encrypt messages and attachments at your local computer before the message is sent, and the content stays encrypted while being routed through any other server[s] (SSL-enabled or not) on the Internet. The message must then be decrypted at the email receiver's computer before it can be read.
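Because SSL/TLS protects each server-to-server hop separately, a delivered message's Received headers can be checked for hops that did not record an encrypted session. The following is an added example, not part of the original ITS page; the sample message and all host names are constructed, and the check relies on receiving servers writing the RFC 3848 `with` keywords.

```python
import email
import re

# Constructed sample message: three hops, the middle one without TLS.
SAMPLE = """\
Received: from relay.example.net (relay.example.net [192.0.2.10])
\tby mx.example.org with ESMTPS id abc123
\tfor <bob@example.org>; Mon, 01 Jan 2024 10:00:03 +0000
Received: from smtp.example.com (smtp.example.com [192.0.2.5])
\tby relay.example.net with ESMTP id def456;
\tMon, 01 Jan 2024 10:00:02 +0000
Received: from laptop.example.com (laptop.example.com [192.0.2.77])
\tby smtp.example.com with ESMTPSA id ghi789;
\tMon, 01 Jan 2024 10:00:01 +0000
From: alice@example.com
To: bob@example.org
Subject: constructed test message

body
"""

# RFC 3848 "with" keywords in which the S marks a session secured
# with STARTTLS; plain ESMTP/SMTP/LMTP mean no TLS was recorded.
TLS_PROTOCOLS = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA"}
HOP = re.compile(r"from\s+(\S+).*?\bby\s+(\S+).*?\bwith\s+(\S+)", re.I | re.S)

def audit_hops(raw_message):
    """Return [(from_host, by_host, protocol, tls_recorded)] in delivery order."""
    msg = email.message_from_string(raw_message)
    hops = []
    # Each server prepends its header, so reverse for sender-to-recipient order.
    for header in reversed(msg.get_all("Received", [])):
        m = HOP.search(header)
        if not m:
            continue  # unparseable hop: leave it out rather than guess
        sender, receiver, proto = m.group(1), m.group(2), m.group(3).rstrip(";").upper()
        hops.append((sender, receiver, proto, proto in TLS_PROTOCOLS))
    return hops

def unprotected_hops(raw_message):
    """Hops where the receiving server did not record a TLS session."""
    return [(s, r) for s, r, _, tls in audit_hops(raw_message) if not tls]

if __name__ == "__main__":
    for s, r, proto, tls in audit_hops(SAMPLE):
        print(f"{s} -> {r}: {proto} ({'TLS' if tls else 'no TLS recorded'})")
```

Received headers are written by each server along the path, so headers added before the first server you trust can be forged, and a hop reported without TLS means only that none was recorded.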
SSL provides protection for your data by means of three security measures:
- Client authentication: ensures that the client can uniquely identify the server, and can verify that data transfer will be secure.
- Data encryption: the data is scrambled using complex encryption algorithms, so that even if it is intercepted en route it cannot be deciphered.
- Data integrity checks: verify that there has been no alteration of the data during transit.
Comparison with other email security protocols
SSL - Secure Sockets Layer
Encrypts messages/attachments, but ONLY in transport and ONLY between SSL-enabled mail servers.
PGP - Pretty Good Privacy
Encrypts messages/attachments, before they're sent, anywhere in transit, and they must be decrypted at the receiver's computer before they can be read. PGP works with most email clients.
S/MIME* - Secure/Multipurpose Internet Mail Extensions
Encrypts messages/attachments, before they're sent, anywhere in transit, and they must be decrypted at the receiver's computer before they can be read. S/MIME is not supported by Eudora.
* ITS is evaluating S/MIME technology.