Hi all,
maybe some of you know me for my works on pypy, tox or pytest but this mail will be about something else ...
In the last year i co-instigated a new opportunistic mail encryption effort called Autocrypt (https://autocrypt.org). With Autocrypt Level 1, mail clients (e.g. enigmail, K-9 mail, Delta.chat, ...) send and parse public keys in "Autocrypt" e-mail headers and offer single-click encryption. Releases are upcoming in spring 2018, we have been doing fun and well-received user-testing sessions already with in-development versions.
In 2018, I'd like to tackle basic integration of Mailman and Autocrypt, to achieve opportunistically encrypted mailing lists. The main idea is to grow a mailman mode/plugin to:
have mailman lists maintain a public pgp identity that is added through Autocrypt headers to outgoing mails.
have mailman keep track of "incoming" autocrypt keys and decrypt incoming mails if they are encrypted.
encrypt to those subscribers where we have a proper Autocrypt key
Code wise, i'd like to tackle this based on the the new and evolving (and quite unpublic so far) "muacrypt" project: https://muacrypt.readthedocs.io
From looking at archives and the GSOC idea page i see there were related efforts and ideas. Are there pointers to draft implementations that are still somewhat up to date (with mm3)?
Also, i am considering to submit a project proposal for the Mozilla Mission Partners program which would include a few more things ... OnionMX routing for postfix, and documentation on how to setup a best-practise MM3 mail instance, and maybe organizing a sprint around the mentioned topics.
collaboration welcome'ly yours,
holger
P.S.: i had discussed mm-encryption with Barry 2-3 years ago and feel now, with Autocrypt getting out the door, it's all becoming more feasible.