At 12:54 AM -0500 11/7/00, Omri Schwarz wrote:
Both your solution and mine do the same thing on the human failings angle: they allow a mail server admin to set up a list that does encryption for everyone, so that people learn that some things are best not discussed in plaintext.
No, it really doesn't, because the message is sent to the MLM in plaintext, so it has no security at all. If you depend on the MLM to do the encryption, you might as well not encrypt, because anyone sniffing packets will have the data, no problem. What you're doing is setting up a sense of *false* security, but you're in fact leaving things wide open. It has to be encrypted leaving the client, or it's not secure.
Unless I misunderstood, in both cases a program on the server decrypts incoming mail and then re-encrypts, but in one case the Sendmail/Qmail program does this, while I want the MLM to do it.
Setting up an encryption-required rule for a list should be easy in either case.
GPG version chauvinism is a must for such a project.
Why? You want encryption endemic. Which implies ability to handle anyone's public key and do something reasonable with it, not just one. Otherwise, you're balkanized, and that defeats the purpose again.
In turn, that kills the MUAs. However, I don't believe good GPG handling in the MUAs is the necessary-and-sufficient part to bring this about.
If the MUAs don't support encryption, then how will users decrypt something the MLM encrypted? And if the MUA does support encryption -- the MLM doesn't have to.
MUAs that support encryption do exist. Unfortunately, they cater mostly to Unix gurus.
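The "encryption-required rule" discussed in this thread, sketched as an added example that is not part of the original message or of any MLM's code: a submission filter that accepts a post only if it already arrived encrypted from the client, as PGP/MIME (RFC 3156) or as a single inline-armored block. The function names and sample messages are constructed for illustration; the check inspects the wrapper only and does not verify that the ciphertext is addressed to the list's key.

```python
import email
from email import policy

BEGIN, END = "-----BEGIN PGP MESSAGE-----", "-----END PGP MESSAGE-----"

def is_pgp_encrypted(raw: bytes) -> bool:
    """True if the submission arrived as PGP/MIME (RFC 3156) or inline-armored PGP."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    if msg.get_content_type() == "multipart/encrypted":
        proto = str(msg.get_param("protocol", "")).lower()
        kinds = [p.get_content_type() for p in msg.iter_parts()]
        # RFC 3156: exactly a control part followed by the ciphertext part.
        return (proto == "application/pgp-encrypted" and
                kinds == ["application/pgp-encrypted", "application/octet-stream"])
    # Inline PGP: every text part must be nothing but one armored block,
    # so ciphertext followed by a plaintext postscript is still rejected.
    texts = [p for p in msg.walk() if p.get_content_maintype() == "text"]
    bodies = [p.get_content().strip() for p in texts]
    return bool(bodies) and all(b.startswith(BEGIN) and b.endswith(END) for b in bodies)

def list_decision(raw: bytes) -> str:
    """Hypothetical list policy: plaintext never reaches the subscribers."""
    return "accept" if is_pgp_encrypted(raw) else "reject: plaintext submission"

# Constructed sample submissions (not real ciphertext).
HDR = b"From: a@example.org\nTo: list@example.org\nSubject: test\n"
ARMOR = (b"-----BEGIN PGP MESSAGE-----\n\nQ29uc3RydWN0ZWQgc2FtcGxl\n=AAAA\n"
         b"-----END PGP MESSAGE-----\n")
PLAIN = HDR + b"\nthe secret plans\n"
INLINE = HDR + b"\n" + ARMOR
MIXED = HDR + b"\n" + ARMOR + b"P.S. the plaintext summary\n"
PGPMIME = (HDR + b'Content-Type: multipart/encrypted; '
           b'protocol="application/pgp-encrypted"; boundary="b1"\n\n'
           b"--b1\nContent-Type: application/pgp-encrypted\n\nVersion: 1\n\n"
           b"--b1\nContent-Type: application/octet-stream\n\n" + ARMOR + b"--b1--\n")

if __name__ == "__main__":
    for name, raw in [("plain", PLAIN), ("inline", INLINE),
                      ("mixed", MIXED), ("pgp/mime", PGPMIME)]:
        print(f"{name:9s} {list_decision(raw)}")
```

A rejected post has already crossed the network in plaintext by the time the filter sees it, so the rule limits redistribution rather than protecting the submission itself.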