HEPKI S/MIME Project Minutes: June 20, 2002


*HEPKI-TAG S/MIME Conference Call*
20-June-2002

*Attendees*

Jim Jokl, U. Virginia (Co-chair)
Bob Brentrup, Dartmouth (Co-chair)
Gary Chapman, NYU
Omen Wild, NYU
Stephen Wadlow, Tufts
Eric Norman, UW-Madison
Judith Boettcher, CREN
Chris Misra, U. Mass
Michael Gettes, Georgetown
Steve Olshansky, Internet2
Jeanette Fielden, Internet2 

*Discussion*

SYMPA is a mailing list manager developed by CRU, the French
Universities Network Committee. It is distributed under the terms of the
GNU General Public License Version 2. It is written in Perl. It has the
functionality of other mailing systems plus it is directory-enabled and
has S/MIME capabilities. SYMPA can verify S/MIME signatures, and
supports dynamic includes of email addresses from a source that can be
either a relational database accepting SQL queries or an LDAP directory.
If you have a certificate for the list server you can send a message to
that certificate and it will be distributed to the list enrollees
encrypted with their respective certs. It keeps its own certificate
database. It can do list control with S/MIME signed messages, or a web
interface that recognizes the certificate.  It also handles multiple
CAs.  It is highly customizable and it appears that all behavior can be
modified through simple text file changes. One possible problem is: it
is not clear that the software can handle encrypted S/MIME signatures.
There was discussion of how SYMPA might be modified to support pulling
the certificates from directories instead and handling encryption when
not every list member can handle it. 

The SYMPA web site is http://www.sympa.org/.

There were discussions with some of the developers of SYMPA at the
TERENA meeting in Ireland related to how SYMPA could be extended. It
needs greater LDAP enablement to do operations such as wherever you
would normally have an e-mail address you should be able to specify an
URI. A bank of mailing list servers could all key off the same directory
information, which would allow distributing the mailing list processing
among multiple servers.  Bridge enabling for inter-domain mailing list
processing would mean that not all certificates have to be in each SYMPA
deployment to have it work properly.  The SYMPA
developers are interested in ongoing discussions and information
exchange on these topics.

[AI] 20-June-2002 (Everyone) - Please e-mail ideas and lists of open
issues relating to S/MIME to the list.

*School Updates*

A report on the S/MIME study at Wisconsin is not available yet. It will
hopefully be distributed soon.

U. Mass - Currently awaiting the arrival of some expected equipment.

Tufts - has made some progress on the certificate management system.
They’re still waiting on some hardware to arrive. There is a machine
with nCipher installed that may be used to see how nCipher performs
(http://www.ncipher.com/)

NYU - currently installing the iPlanet CMS server.

Dartmouth - The web group is sending signed messages back and forth
internally. The issue has been getting acceptance of the Dartmouth certs
into the cache. Some new materials have been added to the S/MIME page
and work is starting on documentation aimed at students.

The next call for S/MIME will be on the 18th of July.

*Action Items*

[AI] 20-June-2002 (Everyone) - Please e-mail ideas and lists of open
issues relating to S/MIME to the list.