[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

CmnLn Elec Exch: Draft Update on mail system migration plans

To: "cl-elec-exch@lists. glhec. org (E-mail)" <cl-elec-exch@lists.glhec.org>, "Jon Kroehler (E-mail)" <JKROEHLE@usagroup.com>, "Karen Haney (E-mail)" <khaney@nchelp.org>
Subject: CmnLn Elec Exch: Draft Update on mail system migration plans
From: Scott Fullerton <sfullerton@glhec.org>
Date: Fri, 24 Apr 1998 11:55:41 -0500
Sender: owner-cl-elec-exch@lists.glhec.org


Please review this draft.  Pending Jon's, Karen's and sub-committee approval I 
will send this out to the CommonLine universe.
Scott
---------------
The CommonLine Electronic Exchange subcommittee recommends members continue to 
use the CompuServe (now America OnLine) proprietary mail system through the 
upcoming processing season until a new encryption standard can be selected and 
put into use.  A date for general implementation of that new standard has not 
yet been set, but it will almost certainly not be before the fall.

America OnLine has reassured members of the Electronic Exchange Subcommittee of 
their ongoing support for the mail system we currently use.  They have not yet 
established a date to retire this system and expect to provide us with eighteen 
months advance notice before they do.  There are tens of thousands of accounts 
still on it, the majority of which would have to migrate off before 
CompuServe/AOL could discontinue service, thus creating an inertia working 
strongly in our favor.  In short, while this reassurance does not constitute a 
guarantee, it does lead to a high degree of confidence in their continuing 
support through the summer and early fall.

That having been said, since there is no guarantee, it would still be prudent 
to have a contingency plan in place should the unthinkable happen and oldmail 
be withdrawn before a new encryption standard is implemented.  Our 
recommendation is that should this unlikely circumstance come to pass, all 
members would establish AOL POP3 mailboxes and send transactions unencrypted 
trusting in the greater security of the AOL private network as compared to the 
public Internet.  Members assuming a risk-averse strategy might consider doing 
an impact analysis on this worst-case scenario.

We are currently reviewing encryption products (or standards) searching for an 
effective replacement to PGP.   We hope to complete the review and have a 
replacement identified within a couple of months.  The candidates selected are 
ones most compliant with our standards already set forth in the addendum, as 
compliance at this level will minimize the disruption to members who have 
already developed for PGP.   In addition to this, other requirements and 
considerations include general availability of a product or products to support 
the standard both for SBS developers and end-users, manageable cost, Evidence 
of market viability of the product or standard, and compliance to open Internet 
standards.

Support for 16-bit windows is not a requirement.  In our search last summer 
leading to the selection of PGP using the RSA algorithm, we felt it should be, 
since at that time such a large proportion of PC's were on that platform.  As 
we discovered, though, with PGP and other software vendors, acquiring software 
that still supports that can be quite difficult.  Many vendors simply do not 
want to invest resources any longer in what is considered obsolete technology. 
 For this reason, we are no longer making 16-bit Windows support a requirement.

We in the subcommittee will continue our analysis and keep you apprised of 
developments.  We hope to have a new standard defined within two months.  If 
you have any questions please do not hesitate to call

Scott Fullerton
Chair, CommonLine Electronic Exchange subcommittee
608.246.1779

Prev by Date: CmnLn Elec Exch: 4/16 Minutes
Next by Date: CmnLn Elec Exch: 4/23 Minutes
Prev by thread: CmnLn Elec Exch: 4/16 Minutes
Next by thread: CmnLn Elec Exch: 4/23 Minutes
Index(es):
- Date
- Thread