This whitepaper gives an overview of Harrier, a cross-platform Military Messaging client which is available as a Web interface and as a native Android client. This paper gives an overview of core Harrier capabilities and how these two clients work. It then looks at the road map for Harrier.
Further information on Harrier can be found on the Harrier product page.
This paper starts with a few screenshots to quickly show the capabilities of Harrier on the Web and on an Android phone. The basic capabilities are shown by three Android screenshots. The first screen shows message composition, the second shows message display and the third shows message scan listing.
Some features to note in these screenshots:
|Message Composition||Message Display||Message Scan Listing|
The next screenshot shows Harrier Web. It can be seen that the same capabilities are available as on Android, but with a layout appropriate for a larger screen.
Harrier on Android can also be used as a general purpose email client. The final screen shot shows display of a message with non-military mode. Differences to note:
- Use of To/Cc instead of Action/Information.
- Single per message "Urgent" option instead of complex military precedence.
- Security labels may be sent and received in non-military mode.
- Military features received will still be shown.
- Dates/times in local format.
Why a new Military Messaging Client is Needed
For users of military messaging, the choice of modern user interfaces to military messaging is limited. While there are decent options available as plugins to Microsoft Outlook optimized for use with Microsoft Exchange, there are few alternatives. Isode has built Harrier to address this gap in the market.
The primary targets for Harrier are:
- Users of Military Messaging.
- Organizations with strong messaging security requirements, and in particular those needing support for Security Labels with messaging.
We also anticipate that Harrier will be of interest to individuals and organizations needing other differentiating Harrier capabilities, including:
- High performance IMAP client able to deal well with poor network conditions and give fast response, particularly to for new messages.
- Support for delivery acknowledgements and read receipts.
- Support for Reply-By and Expires.
Military Messaging vs Email
Military Messaging is used in this paper to mean organizational messaging used by the military. As well as Military Messaging (the term used by NATO) this is also referred to as Signals, Formal Messaging and High Grade Messaging.
Military organizations distinguish military messaging from informal email. An important point to understand is that military messaging is not email, although it may make use of standards that also support email.
Military messaging shares a lot of characteristics with email and use of messaging technologies to provide military messaging is desirable. There are clear benefits to presenting email and messaging as separate user services, and use of different clients for email and military messaging will be a good approach for many organizations.
Why MMHS over SMTP?
Harrier uses the Internet Standard SMTP (Simple Mail Transfer Protocol) for message submission and IMAP (Internet Message Access Protocol) for message and folder access, supporting a number of extensions for military messaging discussed in [Military Messaging (MMHS) over SMTP] .
STANAG 4406 is the NATO standard for military messaging. Technically, this would have been a good choice for Harrier, particularly as Isode provides full STANAG 4406 server support. However, we believe that the SMTP approach is preferable, and Harrier can be used with STANAG 4406 deployments as described in [Using SMTP to provide a STANAG 4406 Military Messaging Service].
ACP127 is the historical protocol for military messaging, which is also supported by Isode, as described on the M-Switch ACP127 product page.
There is currently considerable NATO discussion on the future of military messaging. Some nations are keen to continue with STANAG 4406, whereas others are shifting systems from STANAG 4406 back to ACP127. There is no clear future direction. At the server level, Isode’s approach is to support all options. At the client level we needed to make a choice.
Isode is developing clients to follow the IMAP and SMTP standards with extensions to support MMHS capabilities. Our opinion is that this is the direction that NATO will eventually take. At the server level, we will support all options and enable interconnectivity.
We also see that an IMAP/SMTP client will have applicability beyond the military market, and this was another factor in the Harrier choice.
A web client can be used from a very wide range of devices, and so gives high flexibility for deployment. Military organizations increasingly prefer "zero footprint" deployments using Web clients and avoiding managing configuration of desktop applications. This simplifies system administration and provides better security.
Many military organizations also aim for a Service Oriented Architecture (SOA) approach, and a Web client is ideal in support of this.
Mobile devices are being used widely in our target environments and support for military messaging on mobile platforms is expected to be important. While Harrier Web can be used on mobile devices, a native application is preferable because:
- For small form factor devices (phones) a native interface can be better optimized.
- Network performance directly using protocols such as IMAP and SMTP is better than Web access. This is important for operation over degraded networks.
We picked Android, because we believe it will become the most important platform for mobile military usage. It appears best suited to two likely military approaches to military devices:
- Develop ruggedized military mobile devices; or
- Treat mobile devices as disposable (and thus source low cost devices).
This section looks at the functionality currently provided by Harrier.
Harrier starts with a core email capability, familiar to any email user. It provides all of the capabilities that would be expected in an email client. When not in military mode, the Harrier interface will seem familiar to most users.
Harrier connects to servers using the SMTP and IMAP protocols. This can be used to connect to Isode’s M-Box and M-Switch servers (and thence onwards to the military messaging network of choice). Harrier can also connect to any other IMAP/SMTP server.
The diagram above shows Harrier as a single process, which reflects how Harrier works on Android. The structure of Harrier Web is more complex.
Harrier Web Server is a multi-threaded server process that runs on supported Isode server platforms and is distributed as an Isode server product. It supports multiple Harrier Web Clients, and connects using IMAP and SMTP to M-Box and M-Switch (or another server such as Microsoft Exchange).
Harrier provides a number of military features. Some of these are simply presenting standard email capabilities in a military way. For example, use of ZULU for times and Action/Information instead of To/Cc.
Others follow the extended [MMHS over SMTP] family of standards and in particular RFC 6477 "Registration of Military Message Handling System (MMHS) Header Fields for Use in Internet Mail" to represent military capabilities. For example, the RFC 6477 "MMHS-Primary-Precedence:" header is used to hold action precedence. This framework will enable support of a full military messaging service.
Support for Security Labels
Support of Security Labels is an important part of the first Harrier release. This is based on RFC 7444 "Security Labels in Internet Email". Isode Security Label Server is used as the interface to enable Harrier to select a security label for message composition, allowing a choice of labels appropriate for the selected recipients. This client/server architecture allows flexible security labels to be provided without heavyweight client support. This is described in detail in [Easy Security Label Support for Email Clients] .
Security Labels are supported in military messaging systems in a wide variety of ways. M-Switch support flexible conversion to other security label formats, as described in [Security Label Capabilities in M-Switch].
Focus on IMAP/SMTP
Harrier supports IMAP/SMTP only. This is an architectural choice, and Harrier will not be extended to support any of the following:
- Internet POP (Post Office Protocol).
- Microsoft proprietary access to Exchange (Active Sync).
- Google proprietary access to Gmail.
Harrier is targeted to support the LEMONADE profile as described in [LEMONADE Profile: The Key Standard for Mobile Messaging]. LEMONADE was introduced to enable improved performance over slow, high latency and degraded networks. Isode’s M-Box and M-Switch servers were the first servers to support this profile, which Isode sees as the best way to support high performance open standards messaging.
Harrier is optimized for servers with high functionality IMAP and SMTP performance, but will downgrade to access servers with lesser capabilities. Harrier will work against most popular products (including Exchange in IMAP mode) and most popular services (the only significant exception is Outlook.com/Hotmail, which does not support an IMAP capability currently required by Harrier).
Many email clients use IMAP with "lowest common denominator" features. This leads to sub-optimal performance and to some claims that IMAP is not good when high performance is needed. Harrier's LEMONADE profile focus leads to high performance, including operation over slow and high latency networks. Harrier can efficiently access very large email folders and systems with large numbers of folders. It supports [IMAP IDLE] to provide immediate notification of new messages arriving.
Harrier Web reflects this high performance in communication between Harrier Web Client and Harrier Web server.
TLS (Transport Layer Security)
TLS is important to provide data confidentiality. Harrier supports this for all connections, and account setup defaults to use of TLS, so that not using TLS needs to be a specific user choice.
Harrier verifies server digital certificates against client trust anchors. Where a certificate is not correctly trusted, the user will need to confirm certificate use prior to use of the connection.
The SMTP protocol family supports two types of message acknowledgement:
- "Delivery Reports" using the Delivery Status Notification (DSN) format.
- "Read Receipts" using the Message Disposition Notification (MDN) format.
These acknowledgements are important for senders in environments where it is critical to know that messages have been delivered and read. These acknowledgements are supported in a number of desktop clients, and in particular Microsoft Outlook. They are not widely supported in mobile or Web clients.
As shown in the screenshots above, Harrier enables message senders to select these acknowledgements. When a message is received with a "read receipt" request, the user is prompted and an MDN is sent. Received MDNs and DSNs are displayed by Harrier.
Harrier on Android support multiple accounts, and makes use of Android Notifications to alert the user to new messages that arrive, as shown below.
Server Side Storage & Search
Harrier makes use of a range of IMAP capabilities to provide a full client/server experience. In particular:
- IMAP message searching enables the client to search messages on the server.
- Message Drafts and Sent Messages are stored on the IMAP server so they can be accessed from other devices.
Draft and Release
Draft and Release is an important military messaging capability supported by Harrier. A detailed description, including Harrier screenshots is provided in [Open Online Draft & Release].
SICs & Message Type
Subject Indicator Codes (SICs) and Message Type are widely used military messaging fields. Harrier can set and display these. The values used are stored in the Security Label Server, so values can be managed centrally and shared between clients.
Time-Related Control Capabilities
Harrier provides control of three time-related capabilities:
- Reply-By (defined in RFC 2156) specifies the latest time a message should be replied to.
- Expires (defined in RFC 2156) specifies an advisory time when a message has expired.
- Deliver By controls, with a value specified in minutes, the latest time a message should be delivered. If the message has not been delivered by this time, a non-delivery report will be sent to the sender. This capability is useful for time critical messages being sent over less reliable networks.
Note that the "Deliver By" capability requires us of an MTA that supports RFC 2852 (Deliver By SMTP Service Extension). Isode's M-Switch provides this support. Each of these extensions can be selected when composing a message, as shown in the first screenshot below.
In the second screenshot above, you can see that the message scan listing clearly shows Reply-By and Expiry information, enabling a user to quickly delete obsolete messages, and to prioritize handling of messages with Reply-By or Expires in the near future (or recent past).
Harrier Road Map
This section outlines direction for future Harrier capabilities.
The underlying Harrier technology is cross platform. The current Harrier focus is Web and Android. At some stage Isode may provide Harrier on other mobile platforms (in particular iOS) and/or on desktop platforms (Windows, Mac and/or Linux).
Additional Military Features
Extending military capabilities for Harrier is a top priority. Features planned include:
- S/MIME message security.
- Message Tracking based on delivery reports and read receipts.
Harrier for Android is currently in private beta, please contact us using this form, if you would like to participate and we will contact you with details. Anyone is welcome to participate based on:
- Commitment to provide feedback to Isode; and
- Not making public comment on Harrier.
Harrier Web will be released with Isode server products. Please contact Isode if you are interested in early access to Harrier Web.
Outside of plugins for Outlook optimized for use with Microsoft Exchange, there is a very limited range of modern user interfaces to military messaging systems. Isode has expanded this range with the development of Harrier, for Web access and for devices running the Android operating system.
Isode believes that mobile access to military messaging is of increasing importance and that the Android OS is likely to dominate the market for low-cost and/or ruggedized devices for military use.
The current release of Harrier includes all of the core functionality required of a military messaging client and some additional differentiating features. Isode has a roadmap to extend both platform support and military feature support. Prioritisation of roadmap items will take into account user feedback. Harrier is available as a beta release now.