• Overall approach is to make "email" the format, transport and backbone of NHIN-Direct --- adding an S/MIME-based encryption and signature layer so that the system supports our emerging requirements around security and trust.
  • Sample deployment configurations: Full Service HISP or Large Organization, Existing ISP and Gateway, Existing ISP and Client Plug-in
  • Primary participants are Cerner and Microsoft. We are actively soliciting more support and recently summarized our argument in favor of the approach here: The case for SMTP
  • Most work so far has gone into coding. Key pieces are:
    • nhin-d-agent: .NET implementation working, Java implementation in development. This is the core of our implementation and we are desperate for closure from S&T to finalize it.
    • SMTP/POP3 Gateway: We are building a plug-in for the Windows SMTP/POP3 servers to use for our pilot. SMTP is in place, code now being checked into nhin-d-smtp. POP3 in progress (now working!).
    • Certificate Stores: This is really part of nhin-d-agent, which abstracts the certificate store as a separate piece. We have currently implemented in-memory and machine-based stores which will be checked in shortly. We are looking to do an LDAP implementation but may wait on that for a bit.
    • Certificate Admin: Not yet started although the certificate stores implement much of the underlying functionality so this is mostly UI.
    • DNS distribution of certs: In progress, about 30% through writing a .NET client to fetch TXT records. This will not be necessary on all platforms.
    • Client SMTP/POP3 Gateway: In progress.
  • We are confident we will be able to complete the capability worksheet in a compelling way and will have an unfinished draft for 5/25.
  • Our weakest area right now is the Comprehensive HIE story.
  • Come help!