*HEPKI-TAG S/MIME Conference Call*
May 23, 2002

*Participants*

Jim Jokl -- Virginia (chair)
Booker Bense -- Stanford
Bob Brentrup -- Dartmouth
Michelle Gildea -- CREN
Neal McBurnett -- Internet2
Eric Norman -- Wisconsin
Steve Olshansky -- Internet2
Steve Wadlow -- Tufts
Nate Klingenstein -- Internet2 (scribe)

*Discussion*

        At the S/MIME Working Group meeting at the Internet2 Spring Member
Meeting, there was decent attendance, including by several curious campuses
which have not yet assisted on the project.  Community outreach will be an
essential part of moving forward, including receiving input and
distributing knowledge and tools to a wide base of institutions.

Plug-ins

        One of the clear prerequisites to a broader S/MIME pilot is the
development and acquisition of a sufficient number of functional plug-ins
for common e-mail clients.  The group believes an attempt to canvass a
sufficient number of these plug-ins and create a more uniform means to
distribute them is essential to effective testing.  The initial desire to
proceed using PGP, given that it is more widely implemented than GPG and
that there is an existing IETF RFC, fueled a search for PGP plug-ins for
clients.  Also noted was the recent proliferation of many different and
widely heterogeneous e-mail clients for a large number of platforms, which
greatly complicates the search.
        Eudora is a heavily used mail client, but there appears to be
little future for Tumbleweed with Eudora, and Eudora has expressed an
unwillingness to release the source code.  In the most recent PINE
distribution, there is S/MIME support with plenty of means to link it up
with OpenSSL and other protocols.  This compiles readily on Linux and
Solaris, and required only minor changes for AIX.  However, for key and
certificate management, Eric noted, "just like everyone else does, it
invents its own thing."  Netscape 7 was also recently announced, with
support for S/MIME and offline IMAP folder maintenance implemented.  Builds
are available for Windows, Linux, and Mac OS X, although it is unclear how
well these functions are implemented.

Deliverables

        An exceptionally wide range of potential documents and utilities
the group could produce was discussed.  Creation of an S/MIME toolkit was
offered as one option, intended to be something to assist with the
server-side deployment of encrypted and signed mail receipt and transfer.
While it wasn't clear this is a difficult enough problem to warrant a
toolkit, even a few examples should be useful for campuses.  Brief
discussion of a preferred programming language yielded no concrete
decision.
        Work has also been proceeding on an S/MIME FAQ, which is still in
the developmental stages.  This would be intended as an introduction to
S/MIME for people who had little familiarity with it.  Additionally, the
group posited the importance of developing an S/MIME cookbook.  This would
be a recipe for full S/MIME deployment on a campus which could be followed
by the average sysadmin.  [AI] Jim offered to do an outline of this
cookbook for feedback.
        Another document suggested was an FAQ or user guide for the
end-users in an S/MIME system to help educate them on what S/MIME is
capable of doing, how it can be used, and the associated caveats.

*Action Items*

1.  Jim offered to do an outline of the cookbook for feedback.