[Mailman-Developers] Crypto-sign to post

Stefan Schlott stefan.schlott at ulm.ccc.de
Mon Nov 13 09:45:51 CET 2006


Hi,

>>> I suppose you could also have each mailing list publish a pubkey and  
>>> require that messages be encrypted with that pubkey in order to get  
>>> posted.

> Now there's something which I'm sure a small subset of people would
> be interested in, but it would definitely be nice.. the ability to run
> an entirely encrypted mailing list.

This is exactly what my gpg-mailman hack does :-)
Joost started with "authentication by signature" and s/mime, I wanted a
gpg-encrypted mailing list. Joost tried to merge both patches, the result
is available as a darcs repository.

> think that encrypting to individuals would be slightly simpler - but
> again, a lot of CPU cycles to make it work.  And I'm not sure how many
> lists would take advantage of it. 

If you want to do it properly with out-of-the-box software (like gpg or
s/mime), you have to create an individually encrypted mail for each
recipient.
Up to now, mailman was concerned with the number of "sendmail jobs" -
mailman sends mails in "chunks" with a certain number of recipients and
lets the mailserver multiply the mail on delivery.
With public key encryption, this is no longer possible; but this
wouldn't matter since the public key operations are horribly expensive
(in terms of CPU cycles) - it would hardly make a difference :-)

For low traffic lists or lists with only a few members, public key
encryption can be done without killing the ml server. For large lists, I
doubt that this would work. Using specialized software, it would be
possible, but special software for an encrypted list would bring the
acceptance rate close to 0% :-(

> Would also make archiving an interesting proposition...

Store the decrypted mails, allow https access only, require
authentication by ml members - that would do it in most cases. If you
have special requirements (e.g. members may only access the time
interval of their own membership), that would require special software, though.


Stefan.
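
The membership-interval restriction mentioned above for the archive, sketched as an added example that is not part of the original post or of Mailman. The record types, function names and sample data are constructed, and it assumes the archive stores the time the list server received each message.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import List, Optional


@dataclass(frozen=True)
class Membership:
    address: str
    joined: datetime
    left: Optional[datetime] = None  # None means still subscribed


@dataclass(frozen=True)
class ArchivedMessage:
    msg_id: str
    # Assumption: server-side receive time, not the sender-controlled Date header.
    received: datetime


def may_read(address: str, msg: ArchivedMessage, members: List[Membership]) -> bool:
    """True if msg arrived inside any [joined, left) period of this address."""
    addr = address.strip().lower()
    for m in members:
        if m.address.lower() != addr:
            continue
        if m.joined <= msg.received and (m.left is None or msg.received < m.left):
            return True
    return False  # default deny: unknown address or message outside every period


def visible_archive(address: str, archive: List[ArchivedMessage],
                    members: List[Membership]) -> List[str]:
    """Message ids the already-authenticated address is allowed to fetch."""
    return [msg.msg_id for msg in archive if may_read(address, msg, members)]


def utc(y: int, mo: int, d: int) -> datetime:
    return datetime(y, mo, d, tzinfo=timezone.utc)


# Constructed sample data: alice left and later rejoined, bob joined late.
MEMBERS = [Membership("alice@example.org", utc(2006, 1, 10), utc(2006, 6, 1)),
           Membership("alice@example.org", utc(2006, 10, 1)),
           Membership("bob@example.org", utc(2006, 11, 1))]
ARCHIVE = [ArchivedMessage("m1", utc(2006, 1, 5)),    # before alice joined
           ArchivedMessage("m2", utc(2006, 3, 15)),   # alice's first period
           ArchivedMessage("m3", utc(2006, 6, 1)),    # exactly when alice left
           ArchivedMessage("m4", utc(2006, 8, 20)),   # gap between her periods
           ArchivedMessage("m5", utc(2006, 11, 13))]  # alice and bob subscribed
```

The check runs after HTTPS authentication has established which subscriber address is asking; it only decides which stored messages that address may see.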
