SMTP, SMIME and CERT Implementation Guide

From Direct Project
Jump to: navigation, search
Documentation and Testing Workgroup > Documentation Priorities > SMTP, S/MIME, and CERT Implementation Guide


The SMTP, S/MIME, and CERT Implementation Guide is a practical introduction to the use and configuration of the core SMTP and associated technologies used to push documents securely between sources and recipients. The Implementation Guide explores the core concepts, the frameworks for deploying SMTP-based document exchange, and the available references for configuration, operational testing, and ongoing management of services.

The Implementation Guide will be used by organizations deploying encryption and security management, including organizations that wish to implement:

  1. A HISP in Agent mode
  2. A client or client proxy managing encryption, validation, and trust services


An inital orientation to the core technologies, the role it can play in Direct, and the benefits in its implementation.


How you might use the core technologies in the context of a:

  1. HISP
  2. Client proxy
  3. SMTP + S/MIME aware EHR or EHR module
  4. S/MIME-aware email client


Use of DNS CERT records

Covers configuration and use of BIND and other DNS servers, propagation of CERT records, management of CERT RRs, testing of CERT propagation, and use of tools provided in the reference implementation.

Configuration of Trust Anchors

Covers concepts, configuration and management of trust anchors, including options for trust anchor deployment, and use of tools provided in the reference implementation.

SMTP Server Configuration

For HISPs deploying in Agent mode, covers the use of popular SMTP servers, and how to integrate the Agent code into the server pipeline.

SMTP Proxy Agent Configuration

For clients deploying in Agent Proxy mode, covers how to set up the proxy and configure email clients to use the proxy.

Operational Testing

Covers how to test your configuration to ensure it is working well. Describes use of tools provided in the reference implementation to aid your task.

Operational Maintenance

Describes how to use logging and other tools for ongoing operational management and maintenance.

Best Practices

Recommendations on preferred techniques for deploying SMTP, S/MIME and DNS services to exchange the most useful and most fault-tolerant set of data possible given other situational constraints.


Reference inforamtion and specifications, as well as FAQs, a glossary of terms, and other information.