S/MIME Conference Call 12 September 2002

S/MIME Conference Call 12 September 2002
*Attendees*
Neal McBurnett, Internet2
Bob Brentrup, Dartmouth
Jim Jokl, Virginia
Todd Pickett, Michigan Tech
Eric Norman, Wisconsin
Michelle Gildea, CREN
Steve Olshansky, Internet2
Renee Frost, Internet2
Jeanette Fielden, Internet2

*Discussion*

Outlook/Outlook Express S/MIME Draft document:
There was discussion followed by general consensus on the latest draft of the Outlook and Outlook Express S/MIME challenges for higher education document.

It was agreed upon by the group that the section on LDAP behavior should be expanded to explain the following issues:
1) Why EE higher education certificates are generally expected to expire annually. This will clarify why tighter directory integration will be a big win in the higher education environment.
2) Document the three following possibilities for directory usage and suggest that the client behavior be configurable to use any of these mechanisms with the current behavior as the default configuration.
a) The current behavior where a recipient's certificate must be in the local address book before use. The user can manually perform a LDAP search and the result is stored in the local address book.
b) The LDAP directory is searched on each send and the appropriate certificate from the directory is used. The local address book is not updated.
c) The LDAP directory is searched on each send and the appropriate certificate from the directory is used. The local address book is automatically updated to reflect the certificate found in the directory.

The introduction will be modified to reflect that the desire is to use Outlook/Outlook Express but it is currently difficult to do so for a number of reasons. An updated version of the document will be distributed shortly.

Eudora plug-in update:
Jim asked for suggestions regarding any specifications/requirements for what should be in a Eudora plug-in. There is a possibility for funding to get the plug-in written once the specification is done, though it is not guaranteed. Please forward any ideas for the plug-in to Jim.
SecureBAT encrypted e-mail application. This application does encrypted e-mail on the fly. It seems to work well but does not have multiple platform support or an open source version. Windows only. http://www.ritlabs.com/securebat/

There was a discussion on the current status of S/MIME in higher education. The consensus was that early goals were very ambitious given that most schools were just in the process of setting up basic PKI infrastructure and were not ready to tackle S/MIME immediately. It was agreed that it was worthwhile to e-mail schools for updates on what is happening at their institution. Jim and Bob agreed to take on this task.

NIST is about to get their bridge online and start looking for applications to demonstrate what the bridge can do. This is very encouraging and may present several opportunities for partnership, integration, application demonstration etc.

Project updates:
S/MIME cookbook: Jim can write another piece or two though there is a need for more volunteers to write some sections.

The next meeting is scheduled for Thursday September 26, 2002.