Finally after has adopted the Auto Encryption of Emails for all of their users. The service also was available to users early But, user need to set Encryption On explicitly. As from past few months NASA was in news for spying all sort of traffic, auto encryption of mails from Yahoo will safeguard mails from their server to bypass surveillance. Not only NASA, the data can't be decrypted by local spy'ers and ISP based surveillances. The same service was implemented by Google years back in 2011 for all of their online products.
After the implementation Yahoo supports full-session HTTPS-SSL/TLS encryption over HTTP through Yahoo Mail, Web , Applications and also via IMAP, POP or SMTP. The content will get 100% encrypted by default with 2048 bit certificate. The encryption is applicable for Emails, attachments, contacts, as well as Calendar and Messenger in Mail.
 |
| Yahoo Logo |
How secure its Actually IS.
- Yahoo HTTPS implementation seems to be inconsistent on some servers and Even technically insecure in some areas.
- Yahoo's encryption still not supports "Forward Secrecy" which makes decryption of captured SSL traffic practically impossible even if security key is compromised. While , Google is using the same since 2011 in all web applications.
It clearly seems that, Yahoo needs time to setup encryption completely across all their servers and provide the service flawlessly .