Hi again,
To be a bit clearer wrt my questions:
are there any active efforts wrt mailman and encryption? any "post mortems" on former ones?
are some of you interested in mailman+encryption efforts?
I btw expect autocrypt integration to be significantly simpler than previous efforts that dealt with keyservers IISIC.
holger
On Sun, Jan 21, 2018 at 06:47 +0100, holger krekel wrote:
Hi all,
maybe some of you know me for my works on pypy, tox or pytest but this mail will be about something else ...
In the last year i co-instigated a new opportunistic mail encryption effort called Autocrypt (https://autocrypt.org). With Autocrypt Level 1, mail clients (e.g. enigmail, K-9 mail, Delta.chat, ...) send and parse public keys in "Autocrypt" e-mail headers and offer single-click encryption. Releases are upcoming in spring 2018, we have been doing fun and well-received user-testing sessions already with in-development versions.
In 2018, I'd like to tackle basic integration of Mailman and Autocrypt, to achieve opportunistically encrypted mailing lists. The main idea is to grow a mailman mode/plugin to:
have mailman lists maintain a public pgp identity that is added through Autocrypt headers to outgoing mails.
have mailman keep track of "incoming" autocrypt keys and decrypt incoming mails if they are encrypted.
encrypt to those subscribers where we have a proper Autocrypt key
Code wise, i'd like to tackle this based on the the new and evolving (and quite unpublic so far) "muacrypt" project: https://muacrypt.readthedocs.io
From looking at archives and the GSOC idea page i see there were related efforts and ideas. Are there pointers to draft implementations that are still somewhat up to date (with mm3)?
Also, i am considering to submit a project proposal for the Mozilla Mission Partners program which would include a few more things ... OnionMX routing for postfix, and documentation on how to setup a best-practise MM3 mail instance, and maybe organizing a sprint around the mentioned topics.
collaboration welcome'ly yours,
holger
P.S.: i had discussed mm-encryption with Barry 2-3 years ago and feel now, with Autocrypt getting out the door, it's all becoming more feasible.
Mailman-Developers mailing list Mailman-Developers@python.org https://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-developers/holger%40merlinux...
Security Policy: http://wiki.list.org/x/QIA9